ytro.news Open in urlscan Pro
109.248.237.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ytro.news/
Effective URL:
https://ytro.news/
Submission Tags: tranco_l324
Submission: On October 31 via api (October 31st 2021, 10:05:44 am UTC) from DE — Scanned from DE

Summary HTTP 412 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 73 IPs in 11 countries across 58 domains to perform 412 HTTP transactions. The main IP is 109.248.237.34, located in Russian Federation and belongs to SUPPORTIT-AS, RU. The main domain is ytro.news.
TLS certificate: Issued by R3 on September 20th 2021. Valid for: 3 months.

This is the only time ytro.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	109.248.237.34 109.248.237.34	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
2 3	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	217.69.139.14 217.69.139.14	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
18	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
16	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
52	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 1	195.161.16.141 195.161.16.141	8342 (RTCOMM-AS) (RTCOMM-AS)
2	2606:4700:10:... 2606:4700:10::6816:4f7b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2.18.233.88 2.18.233.88	16625 (AKAMAI-AS) (AKAMAI-AS)
6	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (YNDX) (YNDX)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	188.42.29.196 188.42.29.196	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	88.99.28.61 88.99.28.61	24940 (HETZNER-AS) (HETZNER-AS)
2	92.38.138.91 92.38.138.91	199524 (GCORE) (GCORE)
2	146.185.195.88 146.185.195.88	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
6	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
11	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
11	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	95.211.66.34 95.211.66.34	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	34.252.144.27 34.252.144.27	16509 (AMAZON-02) (AMAZON-02)
5	46.161.36.23 46.161.36.23	49505 (SELECTEL) (SELECTEL)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
29	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1 1	138.201.139.144 138.201.139.144	24940 (HETZNER-AS) (HETZNER-AS)
17	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	195.161.16.140 195.161.16.140	8342 (RTCOMM-AS) (RTCOMM-AS)
1	185.162.95.72 185.162.95.72	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1	82.202.225.240 82.202.225.240	49505 (SELECTEL) (SELECTEL)
7	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	93.186.225.208 93.186.225.208	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	217.20.155.208 217.20.155.208	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
38	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	195.161.16.132 195.161.16.132	8342 (RTCOMM-AS) (RTCOMM-AS)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	81.222.128.213 81.222.128.213	20597 (ELTEL-AS) (ELTEL-AS)
8 20	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2 4	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
4	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1 4	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
3	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
6	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
4 4	35.157.177.200 35.157.177.200	16509 (AMAZON-02) (AMAZON-02)
3 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
3 6	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2	185.86.139.113 185.86.139.113	201081 (SMARTADSE...) (SMARTADSERVER)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4	54.36.108.3 54.36.108.3	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:6f35:8046:ae1a:688f	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:223... 2600:9000:223f:b600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.124.143.99 3.124.143.99	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	18.193.230.138 18.193.230.138	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.105.17 18.195.105.17	16509 (AMAZON-02) (AMAZON-02)
412	73

22 109.248.237.34 (Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

ytro.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7caf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.69.139.14 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: likemore-go.imgsmail.ru

likemore-go.imgsmail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:a::a (Russian Federation)

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

pics.ytro.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.161.16.141 (Ostrovnoy, Russian Federation) 1 redirects

ASN8342 (RTCOMM-AS, RU)

www.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4f7b (United States)

ASN13335 (CLOUDFLARENET, US)

code.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.17 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.88 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-88.deploy.static.akamaitechnologies.com

d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.29.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Poland)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.28.61 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.61.28.99.88.clients.your-server.de

yhb.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.38.138.91 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f10.moevideo.net

moevideo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.185.195.88 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: target2-1.ssel23.imcmdb.net

target.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:20::215 (Russian Federation)

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 95.211.66.34 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.144.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-144-27.eu-west-1.compute.amazonaws.com

ingestion.contentinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.161.36.23 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: sm-server1-1.sselp1.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 77.88.21.179 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.139.144 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de

cm.p.altergeo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.161.16.140 (Ostrovnoy, Russian Federation)

ASN8342 (RTCOMM-AS, RU)

data.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.162.95.72 (Russian Federation)

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ads5-1.smir10.imcmdb.net

smi2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.225.240 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: smi2adm2-1.ssel27.imcmdb.net

smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6f39a5f37896882b69a2b4fcf7320cf2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
02b396fb068d41101fee058d08ed9614.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.186.225.208 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.20.155.208 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip208.155.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.161.16.132 (Ostrovnoy, Russian Federation)

ASN8342 (RTCOMM-AS, RU)

a.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.222.128.213 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.217.23.98 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.141.232 (Ascension Island) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.14 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.90.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

hal900019.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.116 (Heppenheim an der Bergstrasse, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

hal90004.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.46.111.106 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal900027.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.177.200 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-177-200.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.166 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.108.3 (Germany)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Sweden)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Southampton, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:6f35:8046:ae1a:688f (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:b600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.143.99 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-143-99.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.230.138 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-230-138.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.105.17 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-105-17.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
102	googlesyndication.com pagead2.googlesyndication.com fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com 6f39a5f37896882b69a2b4fcf7320cf2.safeframe.googlesyndication.com 02b396fb068d41101fee058d08ed9614.safeframe.googlesyndication.com c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com tpc.googlesyndication.com d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com	705 KB
56	doubleclick.net 11 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net 8019191.fls.doubleclick.net googleads4.g.doubleclick.net	991 KB
38	ytro.news 1 redirects ytro.news pics.ytro.news	421 KB
29	adfox.ru ads.adfox.ru	926 B
21	google.com 1 redirects adservice.google.com www.google.com	7 KB
18	relap.io relap.io	184 KB
17	redintelligence.net 1 redirects hal9000.redintelligence.net hal900019.redintelligence.net hal90004.redintelligence.net hal900027.redintelligence.net	32 KB
14	2mdn.net s0.2mdn.net	282 KB
14	yandex.ru yandex.ru matchid.adfox.yandex.ru an.yandex.ru	152 KB
13	googletagservices.com www.googletagservices.com	408 KB
11	clickiocdn.com clickiocdn.com	2 KB
7	google.de adservice.google.de	2 KB
7	mail.ru top-fwz1.mail.ru ad.mail.ru	16 KB
6	yahoo.com 4 redirects ads.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	5 KB
6	yastatic.net yastatic.net	235 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	stat.media stat.media	30 KB
5	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	7 KB
5	giraff.io 1 redirects www.giraff.io code.giraff.io data.giraff.io a.giraff.io	30 KB
4	contentspread.net cdn.contentspread.net	238 KB
4	advertising.com 4 redirects pixel.advertising.com	1 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	google-analytics.com www.google-analytics.com ssl.google-analytics.com	37 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	openx.net 2 redirects us-u.openx.net	831 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	smi2.net target.smi2.net smi2.net	2 KB
3	unpkg.com 2 redirects unpkg.com	2 KB
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	smartadserver.com rtb-csync.smartadserver.com	326 B
2	teads.tv sync.teads.tv	344 B
2	uuidksinc.net s.uuidksinc.net	533 B
2	1dmp.io 1 redirects sync.1dmp.io	777 B
2	contentinsights.com ingestion.contentinsights.com	176 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	moevideo.biz moevideo.biz	172 KB
2	rambler.ru counter.rambler.ru kraken.rambler.ru	80 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com	583 B
1	smaato.net 1 redirects s.ad.smaato.net	438 B
1	blismedia.com tr.blismedia.com	141 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	adriver.ru ssp.adriver.ru	201 B
1	ok.ru connect.ok.ru	2 KB
1	vk.com vk.com	479 B
1	facebook.com graph.facebook.com	669 B
1	smi2.ru smi2.ru	866 B
1	altergeo.ru 1 redirects cm.p.altergeo.ru	523 B
1	otm-r.com yhb.p.otm-r.com	250 B
1	creativecdn.com adfox-c2s-ams.creativecdn.com	203 B
1	betweendigital.com ads.betweendigital.com	914 B
1	rackcdn.com d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com	6 KB
1	criteo.net static.criteo.net	39 KB
1	imgsmail.ru likemore-go.imgsmail.ru	11 KB
1	googletagmanager.com www.googletagmanager.com	49 KB
412	58

	Domain	Requested by
52	pagead2.googlesyndication.com	ytro.news securepubads.g.doubleclick.net tpc.googlesyndication.com fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com googleads.g.doubleclick.net d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com www.googletagservices.com
38	tpc.googlesyndication.com	securepubads.g.doubleclick.net ytro.news tpc.googlesyndication.com cdn.ampproject.org fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com googleads.g.doubleclick.net d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
29	ads.adfox.ru	ytro.news
22	ytro.news	1 redirects ytro.news
20	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net ytro.news e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
18	relap.io	ytro.news relap.io
17	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net ytro.news
16	pics.ytro.news	ytro.news
14	s0.2mdn.net	ytro.news s0.2mdn.net
13	www.googletagservices.com	yandex.ru securepubads.g.doubleclick.net ytro.news fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
11	www.google.com	1 redirects tpc.googlesyndication.com ytro.news fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
11	clickiocdn.com	ytro.news
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com ytro.news fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
11	an.yandex.ru	yandex.ru
10	adservice.google.com	securepubads.g.doubleclick.net 8019191.fls.doubleclick.net
7	adservice.google.de	securepubads.g.doubleclick.net
6	8019191.fls.doubleclick.net	3 redirects ytro.news
6	hal900027.redintelligence.net	hal9000.redintelligence.net hal900027.redintelligence.net
6	yastatic.net	yandex.ru ytro.news
6	top-fwz1.mail.ru	ytro.news top-fwz1.mail.ru
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	stat.media	target.smi2.net stat.media ytro.news
4	cdn.contentspread.net	hal900019.redintelligence.net hal90004.redintelligence.net hal900027.redintelligence.net
4	ups.analytics.yahoo.com	3 redirects googleads.g.doubleclick.net
4	pixel.advertising.com	4 redirects
4	hal900019.redintelligence.net	1 redirects e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com hal900019.redintelligence.net
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	hal9000.redintelligence.net	e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	hal90004.redintelligence.net	hal9000.redintelligence.net hal90004.redintelligence.net
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google-analytics.com	ytro.news www.googletagmanager.com www.google-analytics.com
3	unpkg.com	2 redirects ytro.news
2	ads.creative-serving.com	2 redirects
2	pm.w55c.net	2 redirects
2	googleads4.g.doubleclick.net	ytro.news
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	s.uuidksinc.net	ytro.news
2	e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	sync.1dmp.io	1 redirects relap.io
2	ingestion.contentinsights.com	ytro.news
2	gum.criteo.com	1 redirects static.criteo.net
2	counter.yadro.ru	1 redirects ytro.news
2	target.smi2.net	ytro.news
2	moevideo.biz	ytro.news moevideo.biz
2	bidder.criteo.com	static.criteo.net
2	code.giraff.io	ytro.news
2	yandex.ru	ytro.news
1	dsp.adfarm1.adition.com	1 redirects
1	s.tribalfusion.com	d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	tr.blismedia.com	e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com
1	pixel-sync.sitescout.com	e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com
1	dclk-match.dotomi.com	e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com
1	ads.yahoo.com	googleads.g.doubleclick.net
1	ssp.adriver.ru	ytro.news
1	a.giraff.io	www.giraff.io
1	connect.ok.ru	www.giraff.io
1	vk.com	www.giraff.io
1	graph.facebook.com	www.giraff.io
1	02b396fb068d41101fee058d08ed9614.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	6f39a5f37896882b69a2b4fcf7320cf2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	smi2.net	ytro.news
1	smi2.ru	ytro.news
1	data.giraff.io	www.giraff.io
1	cm.p.altergeo.ru	1 redirects
1	mug.criteo.com	ytro.news
1	kraken.rambler.ru	ytro.news
1	yhb.p.otm-r.com	yandex.ru
1	adfox-c2s-ams.creativecdn.com	yandex.ru
1	ad.mail.ru	yandex.ru
1	ads.betweendigital.com	yandex.ru
1	matchid.adfox.yandex.ru	yandex.ru
1	d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com	ytro.news
1	ssl.google-analytics.com	ytro.news
1	counter.rambler.ru	ytro.news
1	www.giraff.io	1 redirects
1	static.criteo.net	ytro.news
1	likemore-go.imgsmail.ru	ytro.news
1	www.googletagmanager.com	ytro.news
412	89

This site contains links to these domains. Also see Links.

Domain
smi2.ru
www.facebook.com
vk.com
ok.ru
twitter.com
zen.yandex.ru
top100.rambler.ru

Subject Issuer	Validity	Valid
*.ytro.news R3	`2021-09-20` - `2021-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.imgsmail.ru GeoTrust RSA CA 2018	`2021-07-12` - `2022-08-12`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
yandex.ru Yandex CA	`2021-08-30` - `2022-02-28`	6 months	crt.sh
relap.io GeoTrust RSA CA 2018	`2021-08-26` - `2022-09-26`	a year	crt.sh
pics.ytro.news Sectigo RSA Domain Validation Secure Server CA	`2021-06-03` - `2022-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.rambler.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-20` - `2022-05-19`	a year	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2021-08-26` - `2022-02-18`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-06` - `2022-02-16`	2 years	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.p.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2022-02-06`	2 years	crt.sh
*.moevideo.biz AlphaSSL CA - SHA256 - G2	`2021-04-27` - `2022-05-29`	a year	crt.sh
smi2.net R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
adlmerge.com R3	`2021-10-10` - `2022-01-08`	3 months	crt.sh
*.contentinsights.com Amazon	`2021-09-15` - `2022-10-14`	a year	crt.sh
stat.media R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
*.adfox.ru Yandex CA	`2021-07-27` - `2022-01-06`	5 months	crt.sh
sync.1dmp.io R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-23` - `2022-04-22`	a year	crt.sh
giraff.io R3	`2021-10-18` - `2022-01-16`	3 months	crt.sh
smi2.ru R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-09` - `2021-11-07`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2021-02-18` - `2022-03-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
uuidksinc.net R3	`2021-10-16` - `2022-01-14`	3 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-25` - `2021-12-15`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-10-25` - `2022-01-23`	3 months	crt.sh

This page contains 59 frames:

Primary Page: https://ytro.news/
Frame ID: 7F40A90260C29F2709F6BCC04B57173F
Requests: 154 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/zrt_lookup.html
Frame ID: C9F818A6EC29AE98E343A0D4E66D1901
Requests: 1 HTTP requests in this frame

Frame: https://relap.io/v7/relap.js
Frame ID: CFE22117AC4B48C06804E381B12C53E3
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ytro.news
Frame ID: 145B5C3864C9416044D3D781FF1B0C2D
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 9E3B436A3DCA4FFDF9F0901CDCA3B827
Requests: 14 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 4D863DF2D0108195D33AB3072811E900
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 7A69DE06B1D3462E06B7E3D941DC5785
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 297DB408BE8BF2D7B6FAADA64DCF29C5
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: A242933FAC2C55907804D2FB9DDEDE84
Requests: 22 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 49846C5D4A9FDDA7E56C67AB6D642941
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 902B71B621EACC9D8B140CF3E76C46CF
Requests: 8 HTTP requests in this frame

Frame: https://sync.1dmp.io/supersync?t=18af24f1-3a32-11ec-8677-901b0e934d81
Frame ID: B2D82EB177BAA72A1EF270099A22C53F
Requests: 1 HTTP requests in this frame

Frame: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: FB333BD7936A5B41C282E9EC56D56DDB
Requests: 1 HTTP requests in this frame

Frame: https://6f39a5f37896882b69a2b4fcf7320cf2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: BBFED50BCA6E6BDBC6F3D20850A5A2A8
Requests: 1 HTTP requests in this frame

Frame: https://02b396fb068d41101fee058d08ed9614.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 201A7495CBBA8E3BA7B714E434FAFA89
Requests: 1 HTTP requests in this frame

Frame: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 12F530C1C63F062D95FF6579A0D6D32F
Requests: 1 HTTP requests in this frame

Frame: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9E6FB05D51B4CA7375274D5C022B5078
Requests: 1 HTTP requests in this frame

Frame: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6B965F9C9C46078A6EF75D8CAB8D2999
Requests: 1 HTTP requests in this frame

Frame: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 21C4D6367FDEB1CD661CE57F8B3B7E08
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8A2BEC67BF7E6216C5D7463D90DB5504
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A134B63EA45D5E4165E65C7B09821A4B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6D6CEC4A2306D311E9CDC693EB44B629
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D9D35DD31877476831F1716DCE93CD61
Requests: 2 HTTP requests in this frame

Frame: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 80AF2F88CBBC1D8E2E776C2DAB14153C
Requests: 1 HTTP requests in this frame

Frame: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 86788ED2EF5C7880DB90C85004760D9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNW1A47ost5-uUp0bzqnQo0Cqx7Ac2R5fK60ViH-Fh718BdHAETR3tS_2BhK9N6zKxt022XLTR50vrWZbsHGo5uctZyT9fj8cqwpP3Qmn23ATHx4C0rAK96ptUtQ9ePoN3_yOShvDiECxvgJ067u9vbOCb98oiXT2wCXLf89yD2XBvq8Zto
Frame ID: F1175D21CEDA14507845B2D7ADCE263B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCq78oPGljshZjiaZW86CWMDwDQvFatQqzqGMB_8or6TGJUgkLkkFjPn3vX-exxfHuqzi7ryr1weuru-djUhfSSckw1xyyvpj68CwaLnHUx1HT8bhmmEJNfHCFUcW07RErcldMIbfuNX3cBvKJ9apQVdV-oA&cry=1&dbm_d=AKAmf-C7-Kdl-AclTxG6Qs8QOdbAfTdezCXl7-E8OP4QJiz5Sa8HHFN1NKqesQ9yt87DUPUcTb59DhklZWgLl9a8Q3o6BFsbImnkCfO80wO1rivnJmcC7ffHoZteyQqicHWsBtkyDrZmdZAuhKwE4fvcrmnUlkDm9ITRSBouDAglCcsH7P7HyRm9-p-IY_XJh0ysnxl0x1UqglEtfpd6rJUeiTLKAdJzPVyaRrIk-FePGP8lP8TD0R3Fu8_xSmsBqg15WXSnFW7jx8Uv-Bgm8_D5yJkOI0QvH17Q4qNM3b4UFTtqcP7dU_Xc6y8rWpOM3Uf20UowevBvGY4Z3eYkRg1jOA0jh0itT8E4Vu1-v9HwrsFMtlkFr4ykW2ei51aKLS4VV6NIGtmkopbtR5l1ybXmONp2R0oRq0cpJVo0b4bZCwR6UGWHLhm-RKqHj604mIqEUfCxx7HGahfJ9vUqNBFDVsKZ-EVWvot8wSwwESpSlG5YTk_A9pdVJ9OnxZq3oIxLEJ8kdzTvQ8l6BIiUzJVo9fWPOfDqEJl1jiwjHG7OLOtJ07nxQlGEy-4LkgdONCagnHmNMpSTKKyCRiqAADPAqIFNwSGK_myr5sqZap00RvcGNIyoQZ6eoDgkPgiMmxp5zvAJG-Pmn3CPG87qVKEvYqeEprowEm7zZ50WYuZPJ8Q_w5LlER6i9ajz49T9H5b3AHRJmoWYWG1F-ht75WTMQYn_BeUVZgQB_0yBpiQe9FK2BoN3w1OpXBBdIJoz1h3vxSOyj0FhhT9V7xF-YzTn7uTIbmZLAH8QL1xi3ynXBzunHiG9Ni7R53k6JoaGN2EokdXPg2YSXgTwMIMA7rLhoOSrSt1QOyVEsOTm4DCW-_FFObKhr7rlXkCKOAdTN8ImnfFeMIn_uhXyhYR-yTbIRsQXQeviPiyIfVUnFQx2rUFCGtFoB30RIZsvllTBZxcQzAa9k2o6TP9fqJqxIvC8WpmDg1c-Qfmh4mXZzEmkhoodUY0W_52bQc_P-WXyxiYuq6wXud9ujy8kRjxCwu_sSiunJClGlMA-7SoFh3dlm8076dXbi7n8qYlnMGTq2MrnmwwOuGLC5jw_btzGY3WVXVNVUu7Gg0XM6ZuOgTINlpYeWCWBPqlhf4mIiO76uheoaDVXK5s7QgWTcvyHOYfeT-s9gXB5IIhK4CDK3vEPtYQ6HmUsT34JWQvaGBqMD9qLIXjse-dNAoPdkDfqIXO6SRv3_wLWgOwryVWC0_RPSZG6Jl1nrXHQWQ8l5pkBVITRKGCg0g_6_Pc3bzeQVtEm75QpaiX550jxaM9aGhbRti7f9go9-4eFk0uckf8zG2d0gEwN0ROoZwevmaWlNIp7dY6BR9DXgxTKTlS2S7f5GYfoCOeiU6XtcttFaBVUHPobciDob5gSU1c0b0leBfmbhBTS01Byl3lQpWsSHdttVgjD0o4XF9Wdaxrrl0I_wkNl6GT1z1BuiGVAgkj-LbD5FuJym9E7ZMFnP5Bqp9pcOezblGiA7hoGLGGdoOqz6K_m_2jhRf8QWkb3kEf1badKhBzaOTrRYSe2TND-bhFw43IvLGQk-wv06A-opBRKk0XcHBtCfLLC0O4pkXqKte4CAntiSncFSIqOf177utgjXlU0t1tFggCN5JIQK4X6-n0_craUhfrxXmQThGhIrukLrVFyJxMg_1XSQSbNCxvb3upgmUU4yJT2t83klM6ytccDmTLlYVJr3rFUeQzNKBsdl2jw7Nxz7cd7roUhOucJln5xw0TShHoaeaRtKnB4vnXXcoD3CTXsjlWFlPBa89TB4BIqr3ZMTz1S_MYigEXd9z6MiV6nyXYfgPzT0Ph60PdlMr2h1I0Zy96HULCuop-HIIpfqk3ai0DG7oPID4oQ7Yvg57WE9jZpVHtW8bEOi31V0zEQLWaT3Go3X7jFRMTiLn6LrFNE_SXV-jqYMdN-bETfEDn_L3ku8k3nbXzl1ib5k7_Ki1HkPojWGnp_jYXJlMEWpya1WMYjnF1XiO9cXIUyrlJ7bRCCgyonAWtvu78LQtHaHUzbmsJUlLfaivRrYsMbRoFi-ZxXN0LRrhsmrCIZtmSFVIdQfFPDly8H3kEOj-GvRipa2c0q_vi2a7vxBZjjn2yo0VgZjPNtyF-_gxt7GosAED5OAnr9-DLbGV1Tp86TGUCxf2920dPi6P1iSdz67Mh1eRdq_YpFJR4nYxLQaxTtb97c44AabTkLIYmUCBUEPM4zSgeEgsqXUeIPFZoV40xo8pHCc-QTDHfBD1WWizihthF19OLUvXp1t8rMm4gIxIHu9VATyyJH20ArfCskX8Wyth0FcsYN7eKYKBX7UKYlAIJCTFlQA9mQj0C9lLHsD9t_is4MeGvkoEdVK8YyqoiWs3B-3AYV1SuhDwdOpZJZTe3QCkt_8p8JTWR6qtugAc3IJXGBGYewJfj0SK_d9Xbm3yaqldjeIu5YcCCY2ZKwiWaULX8Bg4tR3zSErFIT9KGhp_3yMBZwRTca71TMUWiopNNd_RlIAs2NQ5U0S666MPYqkhLrHtiGd4P9QeUwfpuWn4nJe6R0z-P9UrOzkDA55kwn-TClE6WdNw5effvCPNTwQuxpCabT97CZZnuHLz9QHxHqS4QCrOwJpGsZOxHOeOVsxqxPZjA7ySqHHT9VuNwJ3UDpkG5XlVsXyJ5cPRU8oRR7SRs2waexEvlehS1rSMxG9vTc0PgJRMuNadGs4WdS4tMpgAVGn29Oqqo-N_XR-J06a8zXJ8RxjdbihIZNZSWC8onNNxKV72auUOt74OvV1q7TUeuqaP9AZtGbWCUG7Li1E94ueqfr3mN62HlV4Xz4h48gr_ReaUnwgMCxqAmsSm1_5PaXq4DqSMqFZTtN8k2O_iYGT1Zvd0KabsYnHz3yXeAAUtIvQ0Sif7JQmvvxmwVUS_UecYjmcgiw6tKGeN3WspyAy5ZX31PEYogKIYuZ_k4pjy7WqZiy-OfPjzgU4sIvBGOQ79LcfgPIJ_fOmSC-0hoIAJ9yqAoSA7YuYf26oTpdhpj-KF6o2ZtZ_EfJ1HxNjDHJ_ALVhef2EGyVurVgmCzLfdQmFhBlXrIYX_n2KPFcb7Mw47GBlb8VlDI8V9Y7sdKpW1Yh5M_8TUv1oAAUl0-clPBza14t5dV1IQA5Q6ixmjrGmPIgFOUbsmTutMVk48F6SvaSYPgtKVP4Fd69PVVLIycZsjFFx2xODKh84JXEtQ3RKEvAJ3ql13HCznEFt1fQS1royelBYQaBv8lSybUgCR9PSHi0uGmWlu4VUuKa6Yva6li25hn6Ve2Mf1io_7Xt5YG29J53abyIxZ9YVga37r9lt5Wlni89VxZRAuPCpi8OFa7wkvWX5ALIjj3MBGmx4pEM5Ex4fjPEl5sMdssJdp3SOUY9uswh1gygrMmmU5ndBu_fU4rSIvEJurJiE-PJqxmY-0tyJu9i5wYRrkYnlTAwblNdriuCgaVoL6SYPWzw9O999ASbjeRD7POPSSnDO4PB1CeHOOnW0bNHajfqTmXxxN_1HmI0WxISKDh2Su4As0CYyZwrkTBts8OMG5_KFK7FMyYl8D7dwia4EJQXOi1-_NNK0rAM7b_K8UeIhOEfEvbnkkMKo7o&cid=CAASEuRo1AYB68kc9wK5nOJBbODohg&rfl=3%2Chttps%253A%252F%252Fytro.news%242%2Chttps%253A%252F%252Fytro.news%252F%240
Frame ID: 5B4E4521D1934F4D283C02D0F59787F7
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNV8Ck0taxEE8XzgmP5WECSXZ1rJkaCCqttrymh-srFMxdLfUDFo1cNBlYUOnJLxXsg58S113fjHcuU2SkIyDUDVf8EohhZRkwFMFpjJ0TTRp0yLy848RrpHKiv_2BAW8-mqfMS9jXjN5dUOyPBijnh6DCFtmUO9dX-GYmz5bYKjiWQUppo
Frame ID: CB27D36EE6F68C5ACD14D26773DB7B22
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4CE26DE7E175E2B7289AF39CC9127070
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 950F9B2F7DC599EB38B64492C419F17E
Requests: 2 HTTP requests in this frame

Frame: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5BE1D38D766E708444AADEEF89929576
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYsqK9lQEwAQ&v=APEucNWuh7JLNOtonHawDK69wyFi6k1S2GQvJ5qRjSw4oQE7Q8cTld4Wk7aRqnmLBI8JvjfER87wzGq14oBEW2Cgsphvn_9XbO3q0fXNFqW_PxHfYc-WWhOIbaHuHka5ZhNdaDMYX518XUGcxIy24Ptvacqi7Zh8IBCvCbBDqqov-WYAqO4nUaY
Frame ID: DB4437989DAB9E3B979A7E70F2A2C6E0
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DicTN1MkKdJGpqXUUSjuIpPhCoD36BYQXyQ9a4qVcGg1mLVcndnfXQ0Qt0nvQcDn-g6L4X9hsvCjQBfTwA4eOtSeqyk7ZTE4j-SM8OHc5Ue9JAb_cV1l1Ytf5cppg7NgJmJuqCkEJg57zmekHGqjcUG22yAg&cry=1&dbm_d=AKAmf-C2HI2J62Zc0bl-3Zo8AylvLRwuQbEgBAI5Ea321vtEjK-09KpCB0EWuP85qNbTwBlhlDwZQRl7AA-e5Z0ZxnKTaTJsOLiOW9IfrfpREvAxvWwCF8ZI4P-iItEOWZxc6XHGbuu0ZhqpghdqnmoTE1FnUALyxK1f9reWllbLX0BQd-cRUYJznTr_NL2lLudGtgdOQakN0iEykMilo1O8dkypz7llgvs9QSgk848IE2QK1BHTcKJEMe6VezSqo1_hoTPim45Vqv1PGG-4UuAHQzet5nYLWhW4AHkgC9eqMVxtT_KkMK-OqR6cPGwxXpwQT5YPBp0TokItJH3gH7zD_tULDSFG40YSSxA6-z7MAqcgb7fdQZC-N_CDWoBGnU7mDVmxS6GbyZw8E48iU0CM-3o9V5ctKvcA-a-QJRJv9s_Wu62C2Rkxm6aobn_HctIm0U-o-bAiH3OEbicpeCi8OZ6axQNR7I-cz1t51lWH6-3UFcebZpmUSG48XlYlimQQnPsV1JTLOlnsOsyIkGc9Dqcm0ouRujM1S27Ub44N1JrjMEwvEqDjr2a3vDDeXuNVaJi2c1Id-ly48jqGX7BR86VkgkIm9uuuzV3Rz9tl556PYvEf92AOZQsgPT9jyyLVTICoeV0VspjbDmu_ZzPV3NSmljwGRTYeg1MASMwg0GQ1Nnc83Ztw-OETGWrXj7UQwin7SsmiH24k5mGCRaZ4x6kGSw6D2gD0_wQqRXpNofK8ixP79su6kWEZvqJY_3JsdjZwVrA7iEg7jujpLEiBIhR4E6tYZNcsfuj-eYyvv3UsuyFOwO5dwcnD7ryOR_pMQXoS659Dr1L-Df5tkOMjFzNp53UG3FiCdzYQdUpsEhCVBhl-LV0zNw_dc8KhRQLW618pSU54aB4V1sJ7c-x86q-6m5rqt9M4HHM5-Hb8N8HKySdRAakbvB5aBVdYVpOiQn_d3E8-3U9E-rXiUkidZSH2fpaAqsUg6xlovauhgvprvyM2G8AUDJ_6FEsqUK-xL3O6eD-W3w45N30ImrCG1QM1iAhpNoXTXMjQADSJd5KlSIHPT0gRAfWfYEubGrhDYWe3lH0qcIKWhK24CEW28AoLyIVDpba01oN78-e2-2WtJqiFQzGm-UOM2SjKwzD4ljO6f_7wXTIMKnDhfVis1jmKlLTbWe4TvcRRuyQcgQwq29Mjx7FN0wdWrXoaWiDizAzC8a0_xShmv6njYglBBYg_mRAGReXJ8KvTLoQp04dpJP49lExR424Epwn0jl9Kn1uSlb8uEHhr0DVQSsds-S4ZiSYYNF8jXNYs0bd1-GO3ciaRR0j5BDY5Zl4ckgJJdm0PmyrqR_Z3_zf0dQtB9JPvESnHX6ARb28dRdtdEsi1cPfgHCRAlls1I1kbI7X16ZYF6AyRMKI7fxQF0GaxvDWyU-AyeturzGiQyTzjyavGmnFMKbETl9V7RK1SHd0putebGdkeu-OBNVPDlCzSe60RyyeAvAaEOHEyrtVb45CNSfrGb8RxwoMXLeq7Vn0PChwc_IFPAv0hbrwI6qGOm35aJR2E4yVH6Abexwt1-DQWJgGFcgvod-rgBaZBXp_mlhN9ak-8ZI3SsfOU8N-3OdmnA8AZxC3Jb5GB0yL_JeSOU-cPIhhJNV6OjxRjO5v_zIGK8gRM-jpPtUowP-mAuaeF_TB8ePYVUeKX-Ck871qnbSeMudunRG8t43Wmc_3YklnucsdjlGtpn9oyY7LqMLm9XmC0HYwHmJFcOlU_hTZZcHYg-8TmR4UuRWoYUa7MC79QhDBw7U4hsnLO0T7lwdkWKjK9ctnXYMnZSNQlG2bdUdkMGrmLYYmFnCUBJ0zeyEEL8aWmClVuhZZ8DU0Hoy6rjHsSxEVtE3bIiFBS6kFTymMXRUOMg0oOLnuCib1FmKTK1JNF3M-TJldvMusaeFZ0JnJVFu6vsDqx1oRze8-vJRl3TDO4JG0jCvgqbm1bDOS3fjvJkOl6NFugykG27hS_hjA_FzU5qsy_C9N0NBYkrF25y3MrDoGQ58nsVFDqPs97iOS_PGWs5QkVHDq6dm95JACg6PavJD43p56EK4w4wUZMfDhq2f9Nbm5xuf60e8AXUG8a97AAlIx9R5Hd2Qi86JTuOzsE83puUWCwtJ6S_W7BDfK5uQIfRY-xn0ZBez2u04fssZKdX20bjXTgB1w2pBBaKQV82epUtgGm99-7OZYo1foYeR5izk3RqWyydaoU--lE9TnxdjD7qWc9yX0Vm_XVSpgVzkXcmACsGlWvdWr3eOJncvq57basY-M4CAzALmQDXOy1iPba8rWEB09cDw5clQPXOcbNBic3IdM7KFTCAx_bxVUX0rjzTt0mzb02VfRNgCNfSZEsHII7IGuv5CYRKtpCNEoFHxNc1XY7eZRJlMTR8Zl2fw4124jX02IMSsaJq2MOzDnG27kbujF8IwkjDT1-fuf3Xu2zrkeS8eEfeBkcYsPuWu3m59uvfSuAwPZkCnMS8667oLTuJA5QdRr1qIkGbsQ8t45SMI9QLakYqUI_RFpn1OJokeIPea6Iwy-7upMB_ygD_WEbPaeU1gNCOu5uHM3EJMJkzhdDlRLibufWt9zFScCgwXYkiQ0xMUm-AdMaxfC-8bHTd34zfxqDmgdNm6vabBFPhmtXyoA97NvfYT3FuR84csGKuhMuzeMrwOyJVufIDInibL7MWv7_8jyVOZU-b2WHR03GAF2FKupBE34iCBulcNymSjK5qw7JDmQZfummMbAlTknpeqIs6Fc3NpVl9tLrb2yfnPjyawPvI8URFfwDou3KT-FrfmjGtwUL0S5kDhkdDEdZbaBP7guwl9jwxpthUvH_vNp4XzqkHKlAYhHScmlL7xcLbeBKcBUe7tCMrHdGYrfB32dVrZgyjjq49uMhY1XWuIW-KxV_bp62EV-KNQPgbkp1AURyIRHEX9Zoicyg5kVHVq23TEvAjRSM1KP6L0zpfWPLlzH7S2UGRfI4cMiqctgEeBiK6S8LhCpF24tyVaLE38_htl1N8loabi_MaT7SKxJQSxLNLSAiA9egqG4Mg-VX15vqEA1dLSV7mCbMAHM6Kky74GfxHBWuiOs7M9kOEKXsLQFMgkGbX_lwIiPhZ0rNJzCDGPrizcUs7Y-3FRy5UF4e48huCYB8c4jRWKDhFxikC6-tSBj93Ax-dJ1e_7SqdViU1Lw_i330pDhQowv1nIjvSazKA-Q5msN8qpVe46Il4aFR9KQS2aYzn93eXq8-m9HtvEpsHbGqocukkpGdF4-QmIdhv5doI2iCeElQ7-Z32rpE0a6qlWaxU1SAG-RonmSjmGrmzfHO2AJtzmQg9HaJuLGoaXMBezg5rrItkht4Htkp7IANhYwWpj0jUT439XdgjhL2QvUs-xlMBTVW_dsKJacmh8qQ8uuie8ZtH9ZcyvI&cid=CAASFeRo6S3l8rOBcMKTrzs9vdNF75UNYw&rfl=3%2Chttps%253A%252F%252Fytro.news%242%2Chttps%253A%252F%252Fytro.news%252F%240
Frame ID: 942C8064F67A1824529381E7A3D2B8CB
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: AA72E8CFC854F472C75FBDE6E8E56EF9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FF9F92849DC8F45B45B5CF3FB25299D6
Requests: 2 HTTP requests in this frame

Frame: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3B12590D878C6A386745B93F022593A1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4026A56460EF594F68344CA91CEECA0F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FAD78CEA611A487E3A25829AC4E17D42
Requests: 3 HTTP requests in this frame

Frame: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 14D5369FB693363DE362A8190C286A6A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkq_ClQEwAQ&v=APEucNXuqWDFLCM4n_dquwVvzrTLjU2jUxGvGhVVRgueR5AzrHOOSRVTZSeOoFmm80w6g8MckCWBcqibMYWS_-SAuRUAGwZ0dNt4HcsFO2m7RAWvfhkGawl9eXIIgsy72f-Z-x_0K7C2e5AOWhiM4vbXwRHt0zru7Hvq5PtsJ_6j5PX4s3CHhd0
Frame ID: FDD9615EAB25A5BF93F9873058888C63
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClLH6kq57Lp6t77RgR1EP4St2JMhsyrll_5p8apy4HOh9rvcOBT3N3oG-N5zUFnmbDhfEOfkiufYFbdGsAo1Rvkb84QIBdmVc8UZxJeM-BIwnzW9P4DzPAXXfTBMFZu9Taf8BpO1NgX3NX8-c5txPpw0w_RA&cry=1&dbm_d=AKAmf-BQPlTPIdMU-ZSEiN-Tpehb2IBDi5zgfjPlE9W7NWO1xVO2mDYq5adOIrW54dp2b3tQ1IRKYklvd5_I1pXKVaa3yJcx62WoGfLbv8hh0gtGf3xGAPym51vFafh_zsFFPQRGw636gmud8tl_qIJR5aQ7rLGhSgv0RJsIlna0u-J5d7jbfoXyUOLLUn_KRX1_t3Wsqh_9cNwZCZ3ZPJEYDCazENbj1EX4b53zO5GEpzZfi2_1HDA_3J5t0sHxHJrt9dsgzIek8sgDXGapY4J58RqPHE4LFKUDN8YUC7dI4CT6MwEgjeWVIEVrtknC3NQyzfjXAGiR8kUsGpJVGUwtwPQ8qkgUOQdeSiQZvwZd95Z62b457WaY0QmaSE4H3DJ9pFA6rthxoOf8QOXz-ESHL7VdjaPiLQJEeC-0-n3ix2CewMOKz-Qdb3-pn1eKgcw9dqQJ4tQkWR0GVuBKsp6jwj0Qu-KLovow3GPUom_qKRwx23yDnKafM1pSKFiEm6CUxzjTAeDea2RmvbiGM-VQhnsalNI_HH85q3Ddjh-LYebsU7m1yuoCmu-Q9RpuozdT3zhLKZevJgmg1wOci6VVmNXCOUkHVL4UcuckVSzl_GHfKyCs8BYacNnVZ_Tkz04M11_Z7naUYYwkyMPrhS_r1pYss5b0-16S0rEbZocK_YGnqr6MAzdRsZ5al8F8RNOJ1dcEvWMmrO6UX3qtlqUf5SNGTpa_x5_pT52I7LiJynZ_eLXe02u2VCx7HsjJ09-_vbSTeDvTbFbSYhrip9gAWxG5XzwSoPEDTli3osMDnvLxarVEXUpocV__1f5wClEPHnru2zha_woB5f8VgJcunDaciofwx0gCFVfQjyByYskqupoPPWqwL_eVeAP8uVpU55viGdvwVF-EvjlkuQo60Q6aYtP6rB0HFvT_AgyFPSsh0tMrlcjgGC2WPS97XwDoDiIicS9_hXfl1CGUkE-KLtFA0Oa0CfvWA--0n8DwpIKWnfsOEKCsZKU_YQeIt-RlFLJAr098DjaQ15DkVE5B311c-ZcSYu_fx18hbuAQHf1jzBcSmRL9CofYqi_25P2z-hhytT3pQvAs8x72E0IKBOmv0Yq1v8rIfi3DreQ0vLNuwv_ZyGOLQWTrwD8PcbFuR0tQXUsBJL2Jnd7rtgXOWKcfnDfh1CiF1VxIMDyDlQsc_J2zRNOZwJPIENXncjUhFOeIQlLA7ijfFAUsXquk5425Lm-a2RsN3J7PhcwVttxP5RcIyWyqXQ2_4BTB2DiFJ-zwiNr-9R5DVRPV4BafG3e81b5rz7OwJVerbekY3WVHQ7VsJ4Q5lqy8gikeps0e0vrlZ9Ec1CZ_jv54QXAPpf2SmJQwexHr8q6wM7WvSkRB_k9bhA3F3cMVGnBLEMzgzNaitmiMu4MCJkQm3HrP4aHdigDZtTBhi4wCnFZyssuTays6ZAR-m8q8PdL-4aGXqA2BYGHvqhBzRzlSRzMIL_cujRUHG1aa1XLS5AkzgxL-Z7Dbzk4aGTLS4jeTvFSGXs4By2txy2bSJErAFq1JaVYZ2-1GKj_Mmn6AxY_Y6HnEfI8sUofAUJJUaH5DNHsP6IN8MIroEIYRbWMXyQcRpKIjIJtK9O1Ti9S3S-DG1LBGLYx10jT6_GAs3TeLmMcfxM7W8GUSK2heZTTOuEU5rwhuaop_qVSITz4Lfi9LAvpkj9zUZXvlYlR-cCU_Mm7TBPxheHB7frg0hhq_1RtSGxheC6sw9o6v8v_Jr8066bWis4QaE1UDHh2ySDQwPczJUcMcIXK1yxVV3SanfsT-QRIofDkLMR5oc0NRbyoCb7cMf4kUb7bIUqWoidxm54eZkS-3IE6E4VQo576hrHQeGwXjFfXeXpM4761ybI6PtBJIkvPCX_zCev2HZ8n2lQsrr8AWYiGjCgywhsotoTqFJ8NByWYc0G67PsmrQ78VyWTXR30IYSVHZlOVVe1Fn7mM4g4T-k4yzhfycZ_QFSS-wuW5V8UeQrkdM8Z5mOnmISy2ZxA1NOEwY61UgvfwE87W01pUpnaeMt754H2CvEsIu8KDXm_XbHgE7SGud2HTPy4wf1_0Sk_k6Br3MTWBGRo8AUkWjIPkkSeCAuzrwOLhXaxVCDJqykfhTCczO4XQz966AZX1PwqpKR6ovlspHPCF276neZ7ht8kjk3X1PQa6bfseS1W4ye8xb8t7megKl2ZR6vYSmzYVByeP_CQTFFCcR5MhNerPWnXnT7KgBngWcAIcabhpLg5vDBYQncNnOz3oCGba7jkYfHzVICdJp6ycCMMrB8sObF1gRZrNOG2LXdnDrukL8p9zwLs4gjG0SWNylL9XvacrbcLfT8clCK7Evwjcn0kTM5fWSuktSTylJj51A7O0Lzb0oEhHSYegcRDaLFlTLgK0FRcbSIMQFkD7ZCIv3Zhxg31EMym6_GvLY_y8GdQXnklLfvsyGY-SLKjw2-PFDKk3FFq7sV76KjUOqnpUlqJ1uVRUUcikuPXPvPWH-FGQy-ZCcvw5KU-bdY2hcRpwVxVF-C-BjUVPfQ2wNE_X7YUOXrBu9oy5muSTFsWI2nGGSDC9e04WLBQcoRrfX3geaXTZgd93_nrbJkQTTdiS2MKdNF9T8XF7xsIwLobMoUjzbtXae47MW6Vl7RRCVWgzF5W5oe8J0XheZ95b-PzQSFPcRzcXVyQ8uE131rk5sHlJI0kZSxt7WIp6To3LMykZz4XJz4AW4mM0ASgFzyuH7dNP2TcousyFCMY8CvMoE4NFc9kFFQhQJwUciWJMac5TdWRuVe-q9pQBLYas9UPy57FzZNZveD4VYkLO09XSXgv5FBVs15Eu8nFAUF1XzoNyURXARxtqYup9s0KhM3QX_aDcaOu5UouPVsZv-nblMZCRYuPFcDYf8JRhWfLHjfpcAnj2xW6JnaKoBFzNMH407ohSPaVQs-wx86q52e3leJ5PjRZM4AscJmPgI6WRdzKl_dKPaserBnB-78BNFY48Bi3tTZ_H5EMhJzVHgPTv1Oh_uHz59sfvyaL0XN1TUbw5tgEZYWR-yGNY84pKcYs241-SskLXpfFFaOM-VXHxDqfUCB_hpqzugk-fjIirdqIQnjqWM_Y1zU63KpRTcCKZmnGX7KtqJDqsbdnVxISz9KXmVe4VpaYB1ptbxPYeqsmS1xJvRpjYvyo4otClzjI-2QEpkD8s25u-PPUSkdl0mnxyixBCDjF2ftY4mFMheqKbZi6LEYaspgoVmhaPNAsylA1Oo0A4CaSdUbUzsljug_WbxtdGkAimm1BqdSev_wuCvFgn4OE5rWOfwti-TYG_V6RGaRGEgn3bZzCJi72yyRqhX64qkNJ2jlhY5awDU4e1NBEIJLx4S2ZWnVWMQ_xAQgpLnK1qRgVH27MA0vd-0NE3rdHSiOJQQmn9VSXYCO-azIM&cid=CAASFeRoA9_WC5zA9LHXLOCdx8DnNtu5yQ&rfl=3%2Chttps%253A%252F%252Fytro.news%242%2Chttps%253A%252F%252Fytro.news%252F%240
Frame ID: BF90321394FA15189EC07A58506B1DEF
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 77EFE6556E86F568F6A0C4613329AA00
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8965689949EAFBC96809BECCA362E405
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5C280BB618BF644EA859ACEEF65790F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGKSV2rIBMAE&v=APEucNV94qkYeY_8o1EZlOKDTL8ZGCBc9orJz25DZblf3yh2ZTzQroWhy4BXitZOPfHXqJiydxYaCCWGfPIah6GoKo_PddxxwAY4FVpCOBCprSLB6kwWu0WRb9nd9zMEIzXOBwykbZDQwyXrrjzfH-MAiClsMy26We-5AwIfQgU8G-mRiZgv83c
Frame ID: EFE737673752CB6F849D5917ABDFFA64
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 627FC1A5947B215542DE17F7D0E5749E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CCAFA6C069474F8304D6A621D9C02063
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPnUtJ6z9PMCFU3g1Qodlv4MGg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1133112815131.6294
Frame ID: 2A5819B3C10A6E838FC9A8B67D331774
Requests: 2 HTTP requests in this frame

Frame: https://hal900019.redintelligence.net/request_content.php?s=76377400049952300710584011764019&a=279cc441
Frame ID: 61367E794066518F8ABABCEB023FD8AA
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 800A675EB54B589F3C453E6C6691E603
Requests: 9 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNbTtJ6z9PMCFb4RBgAdo8ABWw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7936933980307.637
Frame ID: 0EAC33DED8F7A017B4233AA3DD702303
Requests: 2 HTTP requests in this frame

Frame: https://hal90004.redintelligence.net/request_content.php?s=87700600058650100710584011764004&a=f475deb9
Frame ID: 2D312670563748535F702CA2F7A06C74
Requests: 4 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJLEtZ6z9PMCFc-AUQoda60OCg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2481449202029.995
Frame ID: 37755E8155454B21BC0BCC11BB0B5FA1
Requests: 2 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=80669300059114201084668011764027&a=bcde8978
Frame ID: 78D675F7D18E0F6A86A2782A6FB0C9B7
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DEFE364169AC26B8F8DAA677CBB86FBE
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html
Frame ID: C80CD65C2D374BA32E6478A550BD652B
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CA931E9722958A94FC93166A4EDB6A92
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 731D549AF10FC825AFC41E2209663740
Requests: 3 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=89228100059115000710594011764027&a=a66851dc
Frame ID: 2DB013918AABFAB0631BF08F54D6BF05
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости России и мира – Утро.ру – последние новости на сегодня

Page URL History Show full URLs

http://ytro.news/ HTTP 301
https://ytro.news/ Page URL

Page Statistics

412
Requests

92 %
HTTPS

36 %
IPv6

58
Domains

89
Subdomains

73
IPs

11
Countries

4270 kB
Transfer

10839 kB
Size

85
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://smi2.ru/
Title: Новости smi2.ru

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gazetautro/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://vk.com/na_utro_ru
Title: Вконтакте

Search URL Search Domain Scan URL

URL: https://ok.ru/utroru
Title: Одноклассниках

Search URL Search Domain Scan URL

URL: https://twitter.com/YTPO__Ru
Title: Twitter

Search URL Search Domain Scan URL

URL: https://zen.yandex.ru/ytro.ru
Title: Яндекс.Дзен

Search URL Search Domain Scan URL

URL: https://top100.rambler.ru/home?id=85047

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ytro.news/ HTTP 301
https://ytro.news/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@2.1.2 HTTP 302
https://unpkg.com/web-vitals@2.1.2/dist/web-vitals.umd.js

Request Chain 40

https://www.giraff.io/data/widget-utroru.js HTTP 301
https://code.giraff.io/data/widget-utroru.js

Request Chain 58

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ytro.news/;i%u0416%u0436%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u0438%20%u043C%u0438%u0440%u0430%20%u2013%20%u0423%u0442%u0440%u043E.%u0440%u0443%20%u2013%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F;0.6291457053516987 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ytro.news/;i%u0416%u0436%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u0438%20%u043C%u0438%u0440%u0430%20%u2013%20%u0423%u0442%u0440%u043E.%u0440%u0443%20%u2013%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F;0.6291457053516987

Request Chain 101

https://gum.criteo.com/sid/json?origin=publishertag&domain=ytro.news&sn=ChromeSyncframe&so=0&topUrl=ytro.news&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=43PdbnxEUWxWTWRUMHJkVFZJcS9wNEhDVm83Mi9xc0xES1RlVVVEM2RNUTl4OW5EUDhEbDNjYm4rdFFqN2ZuVVFFTnJIK1p2bEJQTHJIWjEwUUFpanJnZktKOXhOaUdKVjdxeTJack1pTlZqLzVjN0VmS0NoUUVSWWYxcng2NzdhbUh5MTA5bHZWYjQ2TFRXTndWVWJ6OTBtcHZUM0RaVFQ3azhJdVB6NllreXZKYjF4YWZwYW91YlMyb05RcjJSMGZGLzRRWUJoQXRPS3ByN3Z3N0ZvV2lUZE1uaWxFZW1wanl1Skp4OERTcTBtWWFMMlBoSDFJZVk3MW11Sit4Yklac2trTGMweHRZL2NHb0piZU16Q3BDbW56Zz09fA&cppv=2

Request Chain 134

https://sync.1dmp.io/supersync?pid=w&o=ns&cid=d532925e-370a-4913-9238-e8b91206247f&brid=3fdc8267-2323-4ff5-80fe-dc2813a9742e&uid=Vrn6U3Bf HTTP 302
https://sync.1dmp.io/supersync?t=18af24f1-3a32-11ec-8677-901b0e934d81

Request Chain 137

https://cm.p.altergeo.ru/relap?aid=Vrn6U3Bf&nc=od54SyKk&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
https://relap.io/partners/altergeocs?uid=CMTh113tSxQlKt9KDA6cPQMA==

Request Chain 209

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 256

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5q1ZXrFHRH7AovCYXXPVY&google_cver=1

Request Chain 257

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YX5qcr6t2CdoFiWhiaR3UgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5q1ZXrFHRH7AovCYXXPVY&google_cver=1

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIyhUl4A0x1M7EVN_awlyXI&google_cver=1

Request Chain 259

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk2ODgyNTI3MTIwMTI0NzE1Ng%3D%3D

Request Chain 264

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENAyeQfjxA1llvovxEzXirA&google_cver=1

Request Chain 265

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTdlOGRlYTEtOGFmNi0yYTA1LWQ0ZmMtZGQzYzEyMzMxMGM0

Request Chain 266

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFD6uwBupU3oaQY1ftJU8wE&google_cver=1

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEgFKbFWf5iQfQlFRKAVTks&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEgFKbFWf5iQfQlFRKAVTks&google_cver=1&__user_check__=1&sync_id=1993e630-3a32-11ec-b26c-194044dd0206

Request Chain 277

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=1993dfe6-3a32-11ec-a165-17d925990106 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTk5M2U1ZGYtM2EzMi0xMWVjLWIyNmMtMTk0MDQ0ZGQwMjA2

Request Chain 284

https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0491cdbed5&subid=&uid=cb26269985f4faeb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6e-acmp-YaHKD5OBjuwP9rSYwAKP4PiGU_Woi6TKDPAuEAEg1J-5J2CV4pCCoAfIAQmpAi6C9C-RZbM-qAMBqgSHAk_Q_sj46X928DPa1IxcWol930z1rebbJ5g_PwHiWuoMxUMT1pBoFxmwWheFcIaINVLkFssKXqPXc2bEvZv6O9cRyEGxZQ0vHnIsKzDTcD-vsf4niZShOTZ8jsoVNcOvspt-we7dreeVD9ZNuU6utLimchSyt2J60CEKjTzac1rDV6xHw4cLxKlTNRlv6bgxNdIkOjWHQ59dyKvpDDHS1jMbUIuAQDYHoo4aJfVy-U3aUqjnL12-fLJ1ZM52Lluabv2Ptodm02Mjq8OzP69W5g3mAKEItZ7Gl_AOmDs5EnMPcP2qDuiXfZ8A3Lxvp3FJXf-xSglte7Dbfr_GVJSbt7cTxBMhPGcywAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo1AYB68kc9wK5nOJBbODohg%26sig%3DAOD64_0_qd1psJx87DtNcN9184P0EToYUg%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-CRswRuOfR5Mo_KsTMOVLNq3FnE1-GoD0rZWf4u0hCH_RO6afpG4m9ZpjRD6M5rHI_BAOqmhmbQSPpDqgHqcGqmsccaib319mxIP42rllrRQBmBW1ZZUf_LQYBFb4172Qm8-SCVmbhVcpLnaL2bPLKTzcjaqg%26cry%3D1%26dbm_d%3DAKAmf-ADYxG-q6ZcTtPADTs-P0PIO6y7PAn12UXHrXhnHNRPcybllZyuBHUyBg3NqVDxbAlifGKJnBkqCFScNtlxnZxIBuAN0EQY5ylcTqQ7GNPz2nUAv69q0yT95khsG5kaFSwjOQaxkqBUsE_0uqP8ztGLzrOCk26oZ_Sh-T2iXzM3k6s1xrafCGX98eDFpO9aUzGkFjacC22C2qS1k7DFG2W7IYnFQ-1F8zbYXPpXasjH6MVGyfGR8ejPSstasMPY2tIg295rY9rYrO-qhkjV5Ja4Yqcj_n36aVoD6HMfGnPmpUAvffZ38_zsED37mlDVjQqXP5WcOylM7bc13q6Wsnd8XCdHe8Q11vQxmFU0RP__JSQPIxMrhr5H2QSrUXDW-Ck8zPHRq6xn5M-qLBFGqlLeWWFHbbv-cAh_RrUgoRKZmvkjCnvJ-1H-U0pb1PD8T5pcTrTz%26adurl%3D&documentReferer=https%3A%2F%2Fe1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=https%3A%2F%2Fe1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fytro.news%2Chttps%3A%2F%2Fytro.news&random=5557385533758&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0491cdbed5&subid=&uid=cb26269985f4faeb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6e-acmp-YaHKD5OBjuwP9rSYwAKP4PiGU_Woi6TKDPAuEAEg1J-5J2CV4pCCoAfIAQmpAi6C9C-RZbM-qAMBqgSHAk_Q_sj46X928DPa1IxcWol930z1rebbJ5g_PwHiWuoMxUMT1pBoFxmwWheFcIaINVLkFssKXqPXc2bEvZv6O9cRyEGxZQ0vHnIsKzDTcD-vsf4niZShOTZ8jsoVNcOvspt-we7dreeVD9ZNuU6utLimchSyt2J60CEKjTzac1rDV6xHw4cLxKlTNRlv6bgxNdIkOjWHQ59dyKvpDDHS1jMbUIuAQDYHoo4aJfVy-U3aUqjnL12-fLJ1ZM52Lluabv2Ptodm02Mjq8OzP69W5g3mAKEItZ7Gl_AOmDs5EnMPcP2qDuiXfZ8A3Lxvp3FJXf-xSglte7Dbfr_GVJSbt7cTxBMhPGcywAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo1AYB68kc9wK5nOJBbODohg%26sig%3DAOD64_0_qd1psJx87DtNcN9184P0EToYUg%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-CRswRuOfR5Mo_KsTMOVLNq3FnE1-GoD0rZWf4u0hCH_RO6afpG4m9ZpjRD6M5rHI_BAOqmhmbQSPpDqgHqcGqmsccaib319mxIP42rllrRQBmBW1ZZUf_LQYBFb4172Qm8-SCVmbhVcpLnaL2bPLKTzcjaqg%26cry%3D1%26dbm_d%3DAKAmf-ADYxG-q6ZcTtPADTs-P0PIO6y7PAn12UXHrXhnHNRPcybllZyuBHUyBg3NqVDxbAlifGKJnBkqCFScNtlxnZxIBuAN0EQY5ylcTqQ7GNPz2nUAv69q0yT95khsG5kaFSwjOQaxkqBUsE_0uqP8ztGLzrOCk26oZ_Sh-T2iXzM3k6s1xrafCGX98eDFpO9aUzGkFjacC22C2qS1k7DFG2W7IYnFQ-1F8zbYXPpXasjH6MVGyfGR8ejPSstasMPY2tIg295rY9rYrO-qhkjV5Ja4Yqcj_n36aVoD6HMfGnPmpUAvffZ38_zsED37mlDVjQqXP5WcOylM7bc13q6Wsnd8XCdHe8Q11vQxmFU0RP__JSQPIxMrhr5H2QSrUXDW-Ck8zPHRq6xn5M-qLBFGqlLeWWFHbbv-cAh_RrUgoRKZmvkjCnvJ-1H-U0pb1PD8T5pcTrTz%26adurl%3D&documentReferer=https%3A%2F%2Fe1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=https%3A%2F%2Fe1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fytro.news%2Chttps%3A%2F%2Fytro.news&random=5557385533758&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 306

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEJ8Jb2_0MJNDW5zK_5XcC4c&_origin=1&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEJ8Jb2_0MJNDW5zK_5XcC4c&_origin=1&google_cver=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJ8Jb2_0MJNDW5zK_5XcC4c&_origin=1&google_cver=1&apid=UP19890a78-3a32-11ec-b200-061375847706

Request Chain 307

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP19890a78-3a32-11ec-b200-061375847706 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAxOTg5MGE3OC0zYTMyLTExZWMtYjIwMC0wNjEzNzU4NDc3MDY%3D

Request Chain 308

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1WVnlSdndKRTJ1R01mbGthZ3NuM1ZZVS5QZGpFM1RhTn5B

Request Chain 324

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1133112815131.6294 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPnUtJ6z9PMCFU3g1Qodlv4MGg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1133112815131.6294

Request Chain 328

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7936933980307.637 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNbTtJ6z9PMCFb4RBgAdo8ABWw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7936933980307.637

Request Chain 331

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEG0u1D_Wnh8dw5uZoE4Sv0A&google_cver=1

Request Chain 333

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2481449202029.995 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJLEtZ6z9PMCFc-AUQoda60OCg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2481449202029.995

Request Chain 362

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPc_gSiAjvRGwSJFOd7OhBI&google_cver=1&google_push=AYg5qPKpSQJpjyT6pcq617-yem22UoEnnSM65U2TOC75mPrWdcsvnYDu3bb8S2Anyo7m5WCP4szB3SenWQ8n_PkLT7FwSLetzw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKpSQJpjyT6pcq617-yem22UoEnnSM65U2TOC75mPrWdcsvnYDu3bb8S2Anyo7m5WCP4szB3SenWQ8n_PkLT7FwSLetzw&google_hm=MjQzMzU2MjA3MzQ0OTExMjgzMg%3D%3D

Request Chain 363

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_cver=1&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1

Request Chain 364

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEObWMa555iWGY5Evtn9fUGo&google_cver=1&google_push=AYg5qPJYA4cNV79kr0mCmdpPbO8Kr90ef1Xg2vK_3-TDePBcLBJ8qS83fkHvQGK72xw4p0nLYPfZcekxys8LABz6ejBHmYFDqQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJYA4cNV79kr0mCmdpPbO8Kr90ef1Xg2vK_3-TDePBcLBJ8qS83fkHvQGK72xw4p0nLYPfZcekxys8LABz6ejBHmYFDqQ

Request Chain 365

https://match.360yield.com/match/ebda?google_gid=CAESEKn3P2ICjthCG7OF0YEo0ec&google_cver=1&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKn3P2ICjthCG7OF0YEo0ec&google_cver=1&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA

Request Chain 372

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDp7-u6mO2W0bUyLaxOldao&google_cver=1&google_push=AYg5qPIYkj0VGTXAKjsgxg6mthsjikBWEjb-pQiBkQkzSGhyw2spSMdWq2QhZBJh0OxvbHgzr1vWBCmL2ApNLb0zRHKbPyN1coSV HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDp7-u6mO2W0bUyLaxOldao&google_cver=1&google_push=AYg5qPIYkj0VGTXAKjsgxg6mthsjikBWEjb-pQiBkQkzSGhyw2spSMdWq2QhZBJh0OxvbHgzr1vWBCmL2ApNLb0zRHKbPyN1coSV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aGpxc2haV1AxTUg3SUQ1&google_gid=CAESEDp7-u6mO2W0bUyLaxOldao&google_cver=1&google_push=AYg5qPIYkj0VGTXAKjsgxg6mthsjikBWEjb-pQiBkQkzSGhyw2spSMdWq2QhZBJh0OxvbHgzr1vWBCmL2ApNLb0zRHKbPyN1coSV

Request Chain 373

https://a.tribalfusion.com/i.match?p=b6&u=CAESEA4WVf4iqm4q8ted2VgO8O0&google_cver=1&google_push=AYg5qPIpsNW2YsOK4mz6WXWbzDGLFxWXBfIpq498KrmMYOS2dOVBc1enWqt9oFKf9ZM3RxG3EkNZftYn27h2vT4AlZebAGDrFe4t&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIpsNW2YsOK4mz6WXWbzDGLFxWXBfIpq498KrmMYOS2dOVBc1enWqt9oFKf9ZM3RxG3EkNZftYn27h2vT4AlZebAGDrFe4t%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA4WVf4iqm4q8ted2VgO8O0&google_cver=1&google_push=AYg5qPIpsNW2YsOK4mz6WXWbzDGLFxWXBfIpq498KrmMYOS2dOVBc1enWqt9oFKf9ZM3RxG3EkNZftYn27h2vT4AlZebAGDrFe4t&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIpsNW2YsOK4mz6WXWbzDGLFxWXBfIpq498KrmMYOS2dOVBc1enWqt9oFKf9ZM3RxG3EkNZftYn27h2vT4AlZebAGDrFe4t%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 374

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFmJZ-59LiGl2hGUEOtzvfc&google_cver=1&google_push=AYg5qPLBB47xdBC1NXVDxyATR4NGLmm0Gu29EVqseAkpk805Oibff4tkFVkqQL6gs2g_295Y6I4uAOjVLB6KKkLBrfsR_M4LU6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyNTE2OTUxMDkxMDg1MTIxNw%3D%3D&google_push=AYg5qPLBB47xdBC1NXVDxyATR4NGLmm0Gu29EVqseAkpk805Oibff4tkFVkqQL6gs2g_295Y6I4uAOjVLB6KKkLBrfsR_M4LU6A

Request Chain 375

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECrZEfIEJu1OBvtQSSLlSjo&google_cver=1&google_push=AYg5qPJPStu0tB7Bo60OITk5Erd1MAyb4bzK1CxfHvdzb-XsSlCeVrmRtjK_n5ygYVXkJ6btZpZvfx7nrPKfSHeXe-ZPqGXBoso HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECrZEfIEJu1OBvtQSSLlSjo&google_cver=1&google_push=AYg5qPJPStu0tB7Bo60OITk5Erd1MAyb4bzK1CxfHvdzb-XsSlCeVrmRtjK_n5ygYVXkJ6btZpZvfx7nrPKfSHeXe-ZPqGXBoso HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=39d4d751-eb8f-43b2-922c-129062dfa9af HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=39d4d751-eb8f-43b2-922c-129062dfa9af HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=87708af1-9eaa-4af3-aef5-57be2cc29289&ssp=google&expires=30&user_group=5&bsw_param=39d4d751-eb8f-43b2-922c-129062dfa9af HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJPStu0tB7Bo60OITk5Erd1MAyb4bzK1CxfHvdzb-XsSlCeVrmRtjK_n5ygYVXkJ6btZpZvfx7nrPKfSHeXe-ZPqGXBoso&google_hm=OdTXUeuPQ7KSLBKQYt-prw==

412 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ytro.news/
Redirect Chain

http://ytro.news/
https://ytro.news/

98 KB
18 KB

263ms
172ms

Document
text/html

109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

cbda3ef87609525e2533a74ed5b633fe8eb28a9f5671069f42e035d3a3a0f8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.18.0
date: Sun, 31 Oct 2021 10:05:36 GMT
content-type: text/html; charset=utf-8
server-timing: i;dur=0, d;dur=82, r;dur=5
vary: Accept-Encoding
x-request-id: ad35ceb2e21c53940524ec4630de644f
cache-control: max-age=0
cl-cache: BYPASS
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

Redirect headers

Server: nginx/1.18.0
Date: Sun, 31 Oct 2021 10:05:36 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://ytro.news/

GET
H2 200 jquery.min.js Show response
ytro.news/static/js/ 90 KB
33 KB 52ms
50ms Script
application/javascript 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/js/jquery.min.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:36 GMT
content-encoding: gzip
last-modified: Wed, 06 Dec 2017 10:00:38 GMT
server: nginx/1.18.0
etag: W/"5a27bfc6-169d6"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=15, r;dur=0
x-request-id: 09102e4fba67731b9ca4fcf57158b9cd
expires: Tue, 30 Nov 2021 10:05:36 GMT

GET
H2 200 jquery.cookie.js Show response
ytro.news/static/js/ 4 KB
2 KB 88ms
86ms Script
application/javascript 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/js/jquery.cookie.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

cfd91d8ff48aea2adea7719b47c73eb7fa29790f077153e496ff8877ac6dd88c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:36 GMT
content-encoding: gzip
last-modified: Wed, 06 Dec 2017 10:00:38 GMT
server: nginx/1.18.0
etag: W/"5a27bfc6-1097"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=7, r;dur=0
x-request-id: e3fd63f5f9fc0fc270e523546a77f6a0
expires: Tue, 30 Nov 2021 10:05:36 GMT

GET
H2 200 font.css
ytro.news/static/css/font/ 30 KB
23 KB 87ms
85ms Stylesheet
text/css 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/css/font/font.css

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

508d6278c96f3db92e59e738df47c13bbf9dec8c7291397c21df350fe02846f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:36 GMT
content-encoding: gzip
last-modified: Wed, 06 Dec 2017 10:00:38 GMT
server: nginx/1.18.0
etag: W/"5a27bfc6-77fc"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=10, r;dur=0
x-request-id: 06de5663714f11dbc2da363a613c2cd0
expires: Tue, 30 Nov 2021 10:05:36 GMT

GET
H2 200 fontello.css
ytro.news/static/css/font/ 2 KB
1 KB 93ms
92ms Stylesheet
text/css 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/css/font/fontello.css?v2

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

9884796361f3f2c3bcf41bf72263bb081266876937d249a7b4164e1ef87665c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:36 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 21 Aug 2020 05:23:01 GMT
server: nginx/1.18.0
etag: W/"5f3f5a35-953"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=8, r;dur=0
x-request-id: 0921ea187aff2deb6b8bb783487e1c44
expires: Tue, 30 Nov 2021 10:05:36 GMT

GET
H2 200 normalize.css
ytro.news/static/css/ 8 KB
3 KB 93ms
92ms Stylesheet
text/css 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/css/normalize.css

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:36 GMT
content-encoding: gzip
last-modified: Wed, 06 Dec 2017 10:00:38 GMT
server: nginx/1.18.0
etag: W/"5a27bfc6-1e1c"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=13, r;dur=0
x-request-id: 5639ba60dbc36175ced02fa0398be93b
expires: Tue, 30 Nov 2021 10:05:36 GMT

GET
H2 200 newmain.css
ytro.news/static/css/ 94 KB
24 KB 92ms
90ms Stylesheet
text/css 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/css/newmain.css?v9

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

965d582895d3b2fb14f1e129db899a8894126d015b2a49d36ea76dd8e153806e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:36 GMT
content-encoding: gzip
last-modified: Fri, 04 Jun 2021 12:25:18 GMT
server: nginx/1.18.0
etag: W/"60ba1bae-17630"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=13, r;dur=0
x-request-id: 6a0fb6d9250f535f25d0dd64d7e259fd
expires: Tue, 30 Nov 2021 10:05:36 GMT

GET
H2 200 fix.css
ytro.news/static/css/ 2 KB
879 B 93ms
92ms Stylesheet
text/css 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/css/fix.css

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

aa2fd0f7b2e3e7cf40af23d2e2426274cee9facac073b5c6058f560da3260784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:36 GMT
content-encoding: gzip
last-modified: Wed, 06 Dec 2017 10:00:38 GMT
server: nginx/1.18.0
etag: W/"5a27bfc6-74a"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=7, r;dur=0
x-request-id: 7c266d0f4719c224589c9ed765f49301
expires: Tue, 30 Nov 2021 10:05:36 GMT

GET
H2 200 drop-navi.css
ytro.news/static/css/ 1 KB
818 B 92ms
91ms Stylesheet
text/css 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/css/drop-navi.css?v2

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5f9730e9e1e0e3499b8cfec56e8c3df1aa855e0a3969b1d9aed006841adea178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:36 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 16 Jun 2020 10:25:58 GMT
server: nginx/1.18.0
etag: W/"5ee89e36-545"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=7, r;dur=0
x-request-id: 52cb5feca9b1bc9858ac0b72efb07b2f
expires: Tue, 30 Nov 2021 10:05:36 GMT

GET
H2 200 modernizr-2.8.3.min.js Show response
ytro.news/static/js/vendor/ 15 KB
6 KB 121ms
120ms Script
application/javascript 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/js/vendor/modernizr-2.8.3.min.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:36 GMT
content-encoding: gzip
last-modified: Wed, 06 Dec 2017 10:00:38 GMT
server: nginx/1.18.0
etag: W/"5a27bfc6-3c9a"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=8, r;dur=0
x-request-id: ca5acfeb3d46bf1cabfcbc892bd9eac9
expires: Tue, 30 Nov 2021 10:05:36 GMT

GET
H2

200

web-vitals.umd.js Show response
unpkg.com/web-vitals@2.1.2/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@2.1.2
https://unpkg.com/web-vitals@2.1.2/dist/web-vitals.umd.js

4 KB
2 KB

38ms
37ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.2/dist/web-vitals.umd.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bf988171c1dfaca42ca163d70cf950ff080414b37c7ff592272f759f1b224f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 572530
fly-request-id: 01FJSTZB23XYYTYDKYM3W1R0HM
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"11ec-Af9pZ9JTRvMjTOZyqJZeqd0k1CM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a6c10e2afbc4db8-FRA

Redirect headers

date: Sun, 31 Oct 2021 10:05:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FHRRPWMZ39ZASQCMR66DAWTC
server: cloudflare
age: 1682201
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.2/dist/web-vitals.umd.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6a6c10e28f804db8-FRA
access-control-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 66ms
24ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FB1GYCCPFP

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dabfc7120a93e22f4da3b5fd3654a6157e7aa2039d54bca09f6bac82be3c8d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49560
x-xss-protection: 0
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H/1.1 200
OK widget.js Show response
likemore-go.imgsmail.ru/ 33 KB
11 KB 154ms
48ms Script
application/javascript 217.69.139.14
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://likemore-go.imgsmail.ru/widget.js
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.69.139.14 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: likemore-go.imgsmail.ru
Software: nginx /
Resource Hash: d59371e3f0a6e74cfb0198ad2da8f09b154eecd86d134870e534f5266bc8e51c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Sep 2021 13:59:59 GMT
Server: nginx
ETag: "61434ddf-2be2"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 11234
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 72ms
31ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:36 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 12:34:27 GMT
server: nginx
etag: W/"615af4d3-1dd0f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 01 Nov 2021 10:05:36 GMT

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 152 KB
39 KB 159ms
55ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

275d46c5c1c918fb00511a3429079681adfe08088553b825d41ef42c9c56d83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag: 3991040478
x-yandex-req-id: 1635674736990069-12082370096558741525-man2-6420-575-man-l7-balancer-8080-BAL-521
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 31 Oct 2021 11:05:36 GMT

GET
H2 200 relap.js Show response
relap.io/v7/ 13 KB
5 KB 242ms
59ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/relap.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

6de712ac16db9410b4c61e929db988deaab381f5a269d7aaa4a63867b380f364

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:26:47 GMT
server: nginx
etag: "617bda77-11e3"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 4579
expires: Sun, 31 Oct 2021 10:06:37 GMT

GET
H2 200 push.js Show response
ytro.news/static/js/ 3 KB
1 KB 59ms
55ms Script
application/javascript 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/js/push.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

23c185f7fc668477fc07e92bf55eb7cfe0ffe982516405b3eaf619fb82cd1112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
last-modified: Fri, 04 Jun 2021 12:25:18 GMT
server: nginx/1.18.0
etag: W/"60ba1bae-d37"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=9, r;dur=0
x-request-id: 920e04b99a5adaddf746e37b12b73cb1
expires: Tue, 30 Nov 2021 10:05:37 GMT

GET
H2 200 adfox.custom.min.js Show response
ytro.news/static/js/ 12 KB
4 KB 59ms
54ms Script
application/javascript 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/js/adfox.custom.min.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5d81781ab85b52a308ead17cd12c06f6b7967c012cf81a7f6d8ad4f997e4321e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
last-modified: Wed, 06 Dec 2017 10:00:38 GMT
server: nginx/1.18.0
etag: W/"5a27bfc6-303b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=7, r;dur=0
x-request-id: 86f31d6f286cf39d7b030a35e3588376
expires: Tue, 30 Nov 2021 10:05:37 GMT

GET
H2 200 ScrollMagic.min.js Show response
ytro.news/static/js/ 17 KB
6 KB 59ms
55ms Script
application/javascript 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/js/ScrollMagic.min.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

f9bc2af159f56f6373d66177e46c98091dd63f5ccd06ae805fd3feac847fbe0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
last-modified: Wed, 06 Dec 2017 10:00:38 GMT
server: nginx/1.18.0
etag: W/"5a27bfc6-438e"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=10, r;dur=0
x-request-id: f0afa0f976ada38c17696bd451d6ed80
expires: Tue, 30 Nov 2021 10:05:37 GMT

GET
H2 200 logo_ytronews.png
ytro.news/static/img/ 8 KB
8 KB 59ms
55ms Image
image/png 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ytro.news/static/img/logo_ytronews.png

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

959cb2e1501ddcb562b4534c5ffae70f99e8ac6a2b97bb808f55708daee45bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Fri, 04 Jun 2021 12:24:30 GMT
server: nginx/1.18.0
etag: "60ba1b7e-2021"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=15, r;dur=0
x-request-id: c4313d0c0ef1415972cef23bff1e7b4c
expires: Tue, 30 Nov 2021 10:05:37 GMT

GET
H2 200 1496336.jpg
pics.ytro.news/utro_photos/2021/10/31/ 56 KB
56 KB 271ms
17ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/31/1496336.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 16465cccbf141f1a126c4476b299f79d14c8413954869b1f2093d4b1e7a41bb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Sun, 31 Oct 2021 08:46:45 GMT
server: nginx
etag: "617e57f5-de92"
x-cached-since: 2021-10-31T09:00:56+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 56978
expires: Mon, 01 Nov 2021 09:00:56 GMT

GET
H2 200 1496330norm.jpg
pics.ytro.news/utro_photos/2021/10/31/ 4 KB
4 KB 282ms
28ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/31/1496330norm.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9c7f71da6f8110384912648eb9df3134616cc28f986c614d2ce0b5c8499b8b05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Sun, 31 Oct 2021 07:16:15 GMT
server: nginx
etag: "617e42bf-e4f"
x-cached-since: 2021-10-31T07:36:54+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 3663
expires: Mon, 01 Nov 2021 07:36:54 GMT

GET
H2 200 1496333norm.jpg
pics.ytro.news/utro_photos/2021/10/31/ 4 KB
4 KB 282ms
28ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/31/1496333norm.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9ba82b51ad68ed71d5245fa4d8ffa4815b539405d413d2239c5ab4457a3dfae1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Sun, 31 Oct 2021 08:15:04 GMT
server: nginx
etag: "617e5088-e54"
x-cached-since: 2021-10-31T08:17:02+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 3668
expires: Mon, 01 Nov 2021 08:17:02 GMT

GET
H2 200 1496334norm.jpg
pics.ytro.news/utro_photos/2021/10/31/ 5 KB
5 KB 278ms
24ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/31/1496334norm.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4f019424845e5a43cbb8ced271c9413fab151dac52d7c85d9e984cae55c32db5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Sun, 31 Oct 2021 08:34:24 GMT
server: nginx
etag: "617e5510-124d"
x-cached-since: 2021-10-31T09:18:23+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 4685
expires: Mon, 01 Nov 2021 09:18:23 GMT

GET
H2 200 1496314norm.jpg
pics.ytro.news/utro_photos/2021/10/30/ 3 KB
3 KB 281ms
28ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/30/1496314norm.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fa64d6e4916754849e5986a9da2902e5083bb793c501d422ccb6790accba4c8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Sat, 30 Oct 2021 13:00:11 GMT
server: nginx
etag: "617d41db-b02"
x-cached-since: 2021-10-30T13:09:52+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 2818
expires: Sun, 31 Oct 2021 13:09:52 GMT

GET
H2 200 1496302norm.jpg
pics.ytro.news/utro_photos/2021/10/30/ 5 KB
5 KB 197ms
23ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/30/1496302norm.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0535a5828934a648f30b2513995b73eaf14a625e962d56476b57fb7610706f95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Sat, 30 Oct 2021 10:40:27 GMT
server: nginx
etag: "617d211b-126b"
x-cached-since: 2021-10-30T15:06:09+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 4715
expires: Sun, 31 Oct 2021 15:06:09 GMT

GET
H2 200 1496312norm.jpg
pics.ytro.news/utro_photos/2021/10/30/ 4 KB
4 KB 138ms
24ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/30/1496312norm.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b96ba5eb60f625217f0dda0c2a7fb9cb36aa0bcc05f3f14f6151620b3d6f48ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Sat, 30 Oct 2021 12:30:54 GMT
server: nginx
etag: "617d3afe-efd"
x-cached-since: 2021-10-30T13:03:54+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 3837
expires: Sun, 31 Oct 2021 13:03:54 GMT

GET
H2 200 1496285norm.jpg
pics.ytro.news/utro_photos/2021/10/30/ 4 KB
4 KB 128ms
14ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/30/1496285norm.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d90996e05416048f3c7e7ddf2f1acedfec75667d58b9735e8cefb5a6ac68de1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Sat, 30 Oct 2021 08:35:13 GMT
server: nginx
etag: "617d03c1-1072"
x-cached-since: 2021-10-30T11:22:23+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 4210
expires: Sun, 31 Oct 2021 11:22:23 GMT

GET
H2 200 1496179big.jpg
pics.ytro.news/utro_photos/2021/10/29/ 20 KB
20 KB 25ms
23ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/29/1496179big.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1fdf27d473c1416212d302d9f8e8c03f732049ec77257f6145d1de8fc843c850

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Fri, 29 Oct 2021 07:21:23 GMT
server: nginx
etag: "617ba0f3-5112"
x-cached-since: 2021-10-31T08:42:55+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 20754
expires: Sat, 30 Oct 2021 08:21:23 GMT

GET
H2 200 1496323norm.jpg
pics.ytro.news/utro_photos/2021/10/30/ 4 KB
4 KB 32ms
31ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/30/1496323norm.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b80902bc069346144644109f95fc1b0bfc1d6dada8f57c16c0ded4df7d16d618

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Sat, 30 Oct 2021 14:30:04 GMT
server: nginx
etag: "617d56ec-111c"
x-cached-since: 2021-10-31T07:47:37+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 4380
expires: Mon, 01 Nov 2021 07:47:37 GMT

GET
H2 200 1496268norm.jpg
pics.ytro.news/utro_photos/2021/10/29/ 3 KB
3 KB 31ms
30ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/29/1496268norm.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3a74dd12e2d4666b3b4a6fcfbbbd34e66a1a6161b8f17e5ee371b6592fd99d48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Fri, 29 Oct 2021 17:54:29 GMT
server: nginx
etag: "617c3555-d0b"
x-cached-since: 2021-10-31T07:45:47+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 3339
expires: Sun, 31 Oct 2021 07:40:41 GMT

GET
H2 200 1496272norm.jpg
pics.ytro.news/utro_photos/2021/10/29/ 3 KB
3 KB 25ms
24ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/29/1496272norm.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 934a277b933f75603158b887ef49467253060ec5bb175ef27391ed917d6b1ca1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Fri, 29 Oct 2021 18:15:16 GMT
server: nginx
etag: "617c3a34-c83"
x-cached-since: 2021-10-31T07:56:02+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 3203
expires: Sun, 31 Oct 2021 07:53:23 GMT

GET
H2 200 1496319norm.jpg
pics.ytro.news/utro_photos/2021/10/30/ 4 KB
4 KB 31ms
30ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/30/1496319norm.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4b356a5fdadebf45a278205822bb4ccde28a281aab0b71cca4b4bb84a2eac856

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Sat, 30 Oct 2021 13:53:20 GMT
server: nginx
etag: "617d4e50-1093"
x-cached-since: 2021-10-31T08:57:01+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 4243
expires: Mon, 01 Nov 2021 08:57:01 GMT

GET
H2 200 1496292big.jpg
pics.ytro.news/utro_photos/2021/10/30/ 14 KB
14 KB 30ms
29ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/30/1496292big.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5bfa3d791a8fbb0feca95d7f930acff23e8d3f22022a439163cb75146d8891d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Sat, 30 Oct 2021 09:36:53 GMT
server: nginx
etag: "617d1235-3906"
x-cached-since: 2021-10-30T13:37:26+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 14598
expires: Sun, 31 Oct 2021 13:37:26 GMT

GET
H2 200 1496276big.jpg
pics.ytro.news/utro_photos/2021/10/30/ 14 KB
14 KB 26ms
25ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/30/1496276big.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 27ac4f3217fa2727b0ccc38408e3d66898de3d896ce49a4b7d16776d000f366a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Sat, 30 Oct 2021 07:30:20 GMT
server: nginx
etag: "617cf48c-391a"
x-cached-since: 2021-10-31T08:05:38+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 14618
expires: Sun, 31 Oct 2021 08:04:48 GMT

GET
H2 200 1496161big.jpg
pics.ytro.news/utro_photos/2021/10/29/ 33 KB
33 KB 29ms
28ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.ytro.news/utro_photos/2021/10/29/1496161big.jpg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2fb4eec2305fa629bc24a42372de4e80854888c59316405353b6d5814500cf8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Fri, 29 Oct 2021 05:20:47 GMT
server: nginx
etag: "617b84af-84fc"
x-cached-since: 2021-10-31T08:23:32+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 34044
expires: Sat, 30 Oct 2021 08:05:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 78ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3acd01b02d8b9df1781c0d6f2f2ee43a856455a102fc673727ca97f6caed00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51561
x-xss-protection: 0
server: cafe
etag: 779488362623571006
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 jquery-1.12.0.min.js Show response
ytro.news/static/js/vendor/ 95 KB
34 KB 52ms
52ms Script
application/javascript 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/js/vendor/jquery-1.12.0.min.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
last-modified: Wed, 06 Dec 2017 10:00:38 GMT
server: nginx/1.18.0
etag: W/"5a27bfc6-17c52"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=15, r;dur=0
x-request-id: aa5bb8018650598041640d7b1a76cb2c
expires: Tue, 30 Nov 2021 10:05:37 GMT

GET
H2 200 plugins.js Show response
ytro.news/static/js/ 167 KB
43 KB 53ms
48ms Script
application/javascript 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/js/plugins.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

165bfa5cef957cafcef9ff654e0f07a81196c10434659beb0c7d2d0915891675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 06 Jul 2020 15:49:23 GMT
server: nginx/1.18.0
etag: W/"5f034803-29d73"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=17, r;dur=0
x-request-id: 5462bd0cfe118a63b0c18eba2ac2aa84
expires: Tue, 30 Nov 2021 10:05:37 GMT

GET
H2 200 newmain.js Show response
ytro.news/static/js/ 11 KB
3 KB 59ms
54ms Script
application/javascript 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/js/newmain.js?v3

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

7cf3f301af4dd7f8b4df8746214bcd79257a9684152046c796cb79cf8d25b614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 20 Dec 2020 15:14:28 GMT
server: nginx/1.18.0
etag: W/"5fdf6a54-2d58"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=16, r;dur=0
x-request-id: f71cbca7b2a51886da63e0a498b64761
expires: Tue, 30 Nov 2021 10:05:37 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 303 KB
81 KB 80ms
79ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

c0e6c27e13415cd70e338f7040a69a6e992a8e02e13c6508bc7df98427d4f0b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag: 357777294
x-yandex-req-id: 1635674737029606-1643412675148989567-man2-6420-575-man-l7-balancer-8080-BAL-4290
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 31 Oct 2021 11:05:37 GMT

GET
H2

200

widget-utroru.js Show response
code.giraff.io/data/
Redirect Chain

https://www.giraff.io/data/widget-utroru.js
https://code.giraff.io/data/widget-utroru.js

87 KB
29 KB

353ms
264ms

Script
application/javascript

2606:4700:10::6816:4f7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.giraff.io/data/widget-utroru.js
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Server: 2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a04ccb9816b88e70f05b15e7287ac8c75f78bd55f181df6ea7e3db64b74ec890

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Sep 2021 12:46:34 GMT
server: cloudflare
etag: W/"61530eaa-15a37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
cf-ray: 6a6c10e509e30e0e-MXP
expires: Sun, 31 Oct 2021 10:06:37 GMT

Redirect headers

location: https://code.giraff.io/data/widget-utroru.js
date: Sun, 31 Oct 2021 10:05:37 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 top100.jcn Show response
counter.rambler.ru/ 78 KB
79 KB 228ms
105ms Script
application/javascript 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.rambler.ru/top100.jcn?85047
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 98424872109542731a4b210eae25985fa55bb7ab2b041197505426bf4252afa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
server: nginx/1.19.4
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-type: application/octet-stream, application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 303
date: Sun, 31 Oct 2021 10:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 31 Oct 2021 12:00:34 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 69ms
14ms Script
text/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 2238
date: Sun, 31 Oct 2021 09:28:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 31 Oct 2021 11:28:19 GMT

GET
H/1.1 200
OK stf.js Show response
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com/ 15 KB
6 KB 130ms
20ms Script
text/javascript 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com/stf.js
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fef6d5b54da0d9e0479a9560e9236c70713eab51dbeca880a78ac30067bcceba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:37 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Tue, 01 Dec 2020 11:17:59 GMT
X-Trans-Id: tx32b47da0fc6c47f1b74bc-00605a3a3edfw1
ETag: 9938b8ddbd1e9cb76af2bc7b25514c8e
Vary: Accept-Encoding
Content-Type: text/javascript
X-Timestamp: 1606821478.00915
Cache-Control: public, max-age=159293
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5238
Expires: Tue, 02 Nov 2021 06:20:30 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 25 KB
11 KB 166ms
52ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Thu, 15 Jul 2021 18:35:46 GMT
server: nginx
etag: W/"60f08002-64db"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Sun, 31 Oct 2021 11:05:37 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 87 B
368 B 404ms
73ms XHR
application/json 2a02:6b8::16b
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e96c31304d58bc83256ba6e55ae28bb0f222343d9e0698c0b9f2746e2adcbc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://ytro.news
date: Sun, 31 Oct 2021 10:05:37 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 87
x-content-type-options: nosniff
content-type: application/json

POST
H2 200 cdb Show response
bidder.criteo.com/ 871 B
595 B 58ms
22ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=114&profileId=184&cb=58206554975
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 5a297d84fba7d335495a9187d7935f46df79066c97397f104047933236294089

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ytro.news
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 360

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
914 B 267ms
89ms XHR
application/json 188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ytro.news
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
332 B 349ms
83ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 31 Oct 2021 10:05:37 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://ytro.news
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
203 B 53ms
17ms XHR
application/json 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ytro.news
date: Sun, 31 Oct 2021 10:05:37 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
250 B 52ms
14ms XHR
text/plain 88.99.28.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.28.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.28.99.88.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ytro.news
date: Sun, 31 Oct 2021 10:05:37 GMT
access-control-allow-credentials: true
server: nginx/1.17.10
content-length: 11
vary: Origin
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK mvpt.min.js Show response
moevideo.biz/embed/js/ 171 KB
171 KB 386ms
252ms Script
application/javascript 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/js/mvpt.min.js
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx /
Resource Hash: 9fda1c82c6cd9d802f213ce5e87e0ff3add1366e78a5fd23de5e6e6f155d5ddd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:37 GMT
Last-Modified: Fri, 29 Oct 2021 10:46:05 GMT
Server: nginx
X-My-Name: s19
ETag: "617bd0ed-2acc4"
Content-Type: application/javascript
Content-Length: 175300
Connection: keep-alive
Accept-Ranges: bytes
X-My-Reqtime: 0.093

GET
DATA 200
OK truncated
/ 957 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0baca6809327a741c1f7b8b3d61e6beaf22ef62308edc8f9d355edefc9778b54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07dfe967094683a20ef877b702ef747c628b5cc9aed74971a1741bd51672e5e7

Request headers

Referer
Origin: https://ytro.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H2 204 collect
www.google-analytics.com/g/ 0
167 B 44ms
15ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FB1GYCCPFP&gtm=2oear0&_p=953058298&sr=1600x1200&ul=en-us&cid=301309105.1635674737&_s=1&dl=https%3A%2F%2Fytro.news%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&sid=1635674737&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB1GYCCPFP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ytro.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 shadow-article.png
ytro.news/static/img/ 16 KB
17 KB 44ms
44ms Image
image/png 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ytro.news/static/img/shadow-article.png

Requested by

Host: ytro.news
URL: https://ytro.news/static/css/newmain.css?v9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

f58ac8310c580f38177c71c590d8dcdcfbdebf980badf4fa533c75845bb1c11b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/static/css/newmain.css?v9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.18.0
etag: "5c99eaa2-41cf"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=9, r;dur=0
x-request-id: 96ccddf3ffd766a560e2d9b4b26f4ca2
expires: Tue, 30 Nov 2021 10:05:37 GMT

GET
H/1.1 200
OK target.js Show response
target.smi2.net/client/ 3 KB
1 KB 213ms
54ms Script
application/x-javascript 146.185.195.88
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://target.smi2.net/client/target.js
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.195.88 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: target2-1.ssel23.imcmdb.net
Software: nginx /
Resource Hash: 2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Feb 2019 12:15:43 GMT
Server: nginx
ETag: W/"5c54386f-af9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200, private
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 03 Nov 2021 10:05:37 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ytro.news/;i%u0416%u0436%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u0438%20%u043C%u0438%u0440%u0430...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ytro.news/;i%u0416%u0436%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u0438%20%u043C%u0438%u0440%u04...

43 B
528 B

68ms
68ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ytro.news/;i%u0416%u0436%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u0438%20%u043C%u0438%u0440%u0430%20%u2013%20%u0423%u0442%u0440%u043E.%u0440%u0443%20%u2013%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F;0.6291457053516987

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

HTTP/1.1

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:37 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 30 Oct 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:37 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ytro.news/;i%u0416%u0436%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u0438%20%u043C%u0438%u0440%u0430%20%u2013%20%u0423%u0442%u0440%u043E.%u0440%u0443%20%u2013%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F;0.6291457053516987
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 30 Oct 2020 21:00:00 GMT

GET
DATA 200
OK truncated
/ 271 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00028f80cfe82fce4c139816b346ac09923be34b8ec111a2c46c600005c76caa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 615 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9d965c892b782e66a44c9bf9a2d5922f1cdbcceada7e90002e753a86bc15130

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 724 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfe4f6fd49b85b9d410cd2e1482f17dbbb8cee4fb8173396555b7244d82a9f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 626 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 689dfd5efa19909a15e4917dde1ff6886526839abae8ac081c2a77c055116fd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 zen.svg
ytro.news/static/img/ 859 B
1 KB 43ms
43ms Image
image/svg+xml 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ytro.news/static/img/zen.svg

Requested by

Host: ytro.news
URL: https://ytro.news/static/css/font/fontello.css?v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

d03057abcffb7f2a02c1c29808334101074c103fa5c49c15069e13add2df4721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/static/css/font/fontello.css?v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Fri, 21 Aug 2020 05:23:01 GMT
server: nginx/1.18.0
etag: "5f3f5a35-35b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=19, r;dur=0
accept-ranges: bytes
content-length: 859
x-request-id: fbb09137a5ab82574eaa078cb37b310c
expires: Tue, 30 Nov 2021 10:05:37 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
182 B 16ms
16ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://ytro.news
date: Sun, 31 Oct 2021 10:05:36 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 e3c0260e4dd05ea27c01.js Show response
yastatic.net/partner-code-bundles/46952/ 13 KB
5 KB 124ms
43ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/46952/e3c0260e4dd05ea27c01.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d2f51f2ab5d00c8e305728ffa74b4bd3a3a4879ab9f4774d0359b260214a7024

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ytro.news/
Origin: https://ytro.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4460
last-modified: Fri, 29 Oct 2021 15:16:28 GMT
server: nginx/1.17.9
etag: "f2e1f0a8d2212e3ebdd78ea8dd248d80"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2051 16:39:28 GMT

GET
H2 200 e7c2bfb73c3b85f8e4e6.js Show response
yastatic.net/partner-code-bundles/46952/ 81 KB
18 KB 156ms
76ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/46952/e7c2bfb73c3b85f8e4e6.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

de53e670850792e2fadaa571f23ee67c166319166fe64799187b1bb598e85119

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ytro.news/
Origin: https://ytro.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17378
last-modified: Fri, 29 Oct 2021 15:16:28 GMT
server: nginx/1.17.9
etag: "21cb99c95a426f96bd332686ee728067"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2051 16:39:29 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.82/ 33 KB
9 KB 207ms
128ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.82/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ytro.news/
Origin: https://ytro.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8879
last-modified: Mon, 28 Jun 2021 10:29:24 GMT
server: nginx/1.17.9
etag: "e4627697ff619d2b610d2b2fee975531"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2051 16:39:47 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/275069/getBulk/ 170 B
616 B 175ms
88ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/275069/getBulk/v2?dl=https%3A%2F%2Fytro.news%2F&date=2021-10-31T10%3A05%3A37.190%2B00%3A00&pd=31&pdh=1200&pdw=1600&pr1=3947158100&pr=411532975&prr=&pv=10&pw=0&extid_loader=&extid_tag_loader=ytro.news&ylv=0.46952&ybv=0.46952&ytt=479387069843477&is-turbo=0&skip-token=&ad-session-id=5608221635674737200&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A83%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=46952&availableWidth=1600&availableHeight=0&pp=g&ps=cxhg&p2=gazz&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C67%3B443399%2C0%2C95%3B443799%2C0%2C37%3B443440%2C0%2C94%3B439949%2C0%2C61%3B436280%2C0%2C20%3B444595%2C0%2C85%3B434215%2C0%2C96%3B444618%2C0%2C64%3B445012%2C0%2C36%3B204304%2C0%2C43&pcode-flags-map=eJyNVttuo0gQ%2FReenRXQXOetgbbdCtBsd5PLRqMWcdCsJcaOsBPtzmj%2BfQoDiRvHzvgBDOZU1Tl1qvBPg%2BQ4SomKWUJioW6XVJKUCml8efhpvFbNS218MSQviTEz9vVuT5%2Fg2rFD0w2NX19nRkLFAZ%2BQOS5TqeSSZESRrJD3Kik5lpTln8by0SFWRhKK1ZxCuIhKwBJVcMo4hVhzHEvGtUjmX2b3sU6iOYdoNywtoZSolJLlCuc0Oy2mJ38SwD8EKHM6ZxxQfwLp1YiXOF%2BAmCmNr0EKzsrFUqVsQWMtBnCBSsbSRo5aTGT7tn2IOTRIXNP8WN3LojoWcqxj%2BE0RDj3%2BDOiHPfAGCyVkDyZcTKVzHGQhX8c63iDdkPS9oeAsKpcqE6S7lISrMk%2FgiKNEsTz9jI3r2H1TcTJndyrjsbqhgkY07bwBGh4U14LU%2Fz3rTfIRMse%2Bpgx32aG9CmfFMW7fvtQaLEDhAIPaheAK2jDBnOZ6A83LND2gCsJjksvODCCLxMf4g5GtCWG37%2F44V12M3o1aAx%2BMH%2FUGcsPRHk5X36qmqdv%2F4fJx3TSP26p9gu%2F%2Fbtv1j%2B1mXzXahYmsAG5UT9Xzfv1ax9vNDiRY7bct3P2%2BfarbDR5%2BgxvP292%2BbuOq3b7s6uYY935r971q92q%2Fbmrj68ecuIxUhPO860CKF%2BKilu%2BwZQQ%2BPH7WsS0XnUmRFUqQPFERwfHEudMMCHmme95dERjsNtczP1he4Nn%2BzHZhEbpwCoLAmiHXsYJgZqPQRd3JNX1vZnswF2hmm7ZlmuMjyAw9D%2BC%2BGZqWrhJy%2FdHqwIDkikWC8Alzo95Uj02t0%2FDssJ%2B%2BOb0jyeAWxUk3aJcF8IKwzxmzrOBEiL4vKsOazzWLosDzrDGdguW6gCEvOJMsZulZlGNaQ6rO0EsyjmFMYEOLW71Qa7KY%2FDd6KoMpXBK6WEqVy8vD6LgofC9UJNcqxfeslLAO8zldnE8IZurfS5IIqchdobqV2KO6LVB0%2B1RLDb9JDuz1XeC7Qc84w1yOxv9opR4m5%2Bqx2mzq9mqcLPVq63QQCsM3OhHjnYLyvoDlRKSki1wfp9W%2BmcD9AZ7BWqF9NZf1Q9C1IwJ%2Fl6TUabf1qmpWuqXC0OnT3NJkQaT6BxRLyN0nPrSDPtMgkijB%2BPeKJiovs0iv09TfPG4IIzw700nHs%2FoWFEx07x5waErik38DUM%2FVerXdXOmKo27PfFAWmD3C%2FZLQt7nlnsneGWY6yY4X%2BJMOu6bVbbFfvwHEWsqU&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=kb094GLO1XlAbBNGlUwZSTk6433%2FOA0p1ZW%2BPTurjAyJOmOdqbHunGOGe9UGrfk0NQ6WP72oTcZnS5EAbJ%2BN8yhnyhw%3D&grab-orig-len=2048&grab=dNCd0L7QstC-0YHRgtC4INCg0L7RgdGB0LjQuCDQuCDQvNC40YDQsCDigJMg0KPRgtGA0L4u0YDRgyDigJMg0L_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4INC90LAg0YHQtdCz0L7QtNC90Y8KMSAi0J3QuNC60LDQutC40YUg0L_RgNC-0LHQu9C10LwiOiDQvtGC0LXQu9GMINCyINCl0YPRgNCz0LDQtNC1INC_0YDQuNC90LjQvNCw0LXRgiDRgtGD0YDQuNGB0YLQvtCyINC_0L7RgdC70LUg0LzQsNGB0YHQvtCy0L7Qs9C-INC-0YLRgNCw0LLQu9C10L3QuNGPINGA0L7RgdGB0LjRj9C9IAoy0KDQtdC60L7QvNC10L3QtNGD0LXQvCAKMtCd0L7QstC-0YHRgtC4INCj0LrRgNCw0LjQvdGLIAoy0KjQvtGDLdCx0LjQt9C90LXRgSAKMtCQ0YDQvNC40Y8gCjLQndC-0LLQvtGB0YLQuCDQv9Cw0YDRgtC90LXRgNC-0LIgCjLQvdC-0LLQvtGB0YLQvdCw0Y8g0LvQtdC90YLQsCAKMtCy0YvQsdC-0YAg0YDQtdC00LDQutGG0LjQuCAKMtCd0L7QstC-0YHRgtC4INC_0LDRgNGC0L3QtdGA0L7QsiAKMtCc0L7Qu9C00LDQstC40Y8g0LLRi9GC0L7RgNCz0L7QstCw0LvQsCDRgyDQoNC-0YHRgdC40Lgg0YHQutC40LTQutGDINC90LAg0LPQsNC3IAoy0KDQsNC00L7QstCw0YLRjNGB0Y8g0L3QtdGH0LXQvNGDOiDQp9GD0LHQsNC50YEg0L_RgNC10LTRgNC10Log0KDQvtGB0YHQuNC4INC_0YDQvtCx0LvQtdC80Ysg0LjQty3Qt9CwINCy0YvRgdC-0LrQuNGFINGG0LXQvSDQvdCwINCz0LDQtyDQsiDQldCy0YDQvtC_0LUgCjLQntCx0LLQuNC90LXQvdC40Y8g0LPRgNCw0L3QuNGH0LDRgiDRgSDQsdGA0LXQtNC-0Lw6INC_0L7RgdC-0Lsg0KDQvtGB0YHQuNC4INC_0L7RgdGC0LDQstC40Lsg0L3QsCDQvNC10YHRgtC-INC30LDQv9Cw0LTQvdGL0YUg0LrRgNC40YLQuNC60L7QsiAKM9CQ0LzQtdGA0LjQutCw0L3RgdC60LjQuSDQsNC00LzQuNGA0LDQuyDQvtGG0LXQvdC40Lsg0LDQv9C_0LXRgtC40YIg0J_Rg9GC0LjQvdCwINC6INGA0LjRgdC60YMgCjPQodGC0LDRgtC40YHRgtC40LrQsCDQv9C-INC60L7QstC40LTRgyDQsiDQoNC-0YHRgdC40Lgg0L3QsCAzMSDQvtC60YLRj9Cx0YDRjyAKM9CSINC_0Y_RgtC40LfQstC10LfQtNC-0YfQvdC-0Lwg0L7RgtC10LvQtSDQvdCwINC10LPQuNC_0LXRgtGB0LrQvtC8INC60YPRgNC-0YDRgtC1INC-0YLRgNCw0LLQuNC70LjRgdGMIDQwINGA0L7RgdGB0LjRj9C9OiDQv9C-0LTRgNC-0LHQvdC-0YHRgtC4IAoz0J_Rg9GC0LjQvSDQstGL0YHRgtGD0L_QuNC7INC90LAgRzIwOiDQv9GA0LXQt9C40LTQtdC90YIg0L7QsdGA0LDRgtC40LvRgdGPINC6INGB0YLRgNCw0L3QsNC8INGBINC_0YDQuNC30YvQstC-0LwgCjPQkdC-0LvRjNGI0LDRjyDQvtGI0LjQsdC60LA6INCR0L7Qu9GC0L7QvSDQv9GA0LXQtNC-0YHRgtC10YDQtdCzINCg0L7RgdGB0LjRjiDQvtGCINGB0L7RjtC30LAg0YEg0JrQuNGC0LDQtdC8IAoz0JrRg9GA0YEg0YDRg9Cx0LvRjyAKM9Ck0L7RgtC-0YDQtdC_0L7RgNGC0LDQtiAKM9Ca0L7RgNC-0L3QsNCy0LjRgNGD0YEg0LIg0KDQvtGB0YHQuNC4

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

9e7087703b5d40c70ead12bea0b8a8026c69f541a420ba60dc2b2381d1a8f089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1635674737313102-1763200865794054301500293-production-app-host-man-pcode-72
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ytro.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/275069/getBulk/ 170 B
317 B 209ms
127ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/275069/getBulk/v2?dl=https%3A%2F%2Fytro.news%2F&date=2021-10-31T10%3A05%3A37.205%2B00%3A00&pd=31&pdh=1200&pdw=1600&pr1=4242076465&pr=411532975&prr=&pv=10&pw=0&extid_loader=&extid_tag_loader=ytro.news&ylv=0.46952&ybv=0.46952&ytt=479387069843477&is-turbo=0&skip-token=&ad-session-id=5608221635674737200&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A0%2C%22top%22%3A6204%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=46952&availableWidth=1600&availableHeight=0&pp=g&ps=cxhg&p2=gati&slotNumber=9&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C67%3B443399%2C0%2C95%3B443799%2C0%2C37%3B443440%2C0%2C94%3B439949%2C0%2C61%3B436280%2C0%2C20%3B444595%2C0%2C85%3B434215%2C0%2C96%3B444618%2C0%2C64%3B445012%2C0%2C36%3B204304%2C0%2C43&pcode-flags-map=eJyNVttuo0gQ%2FReenRXQXOetgbbdCtBsd5PLRqMWcdCsJcaOsBPtzmj%2BfQoDiRvHzvgBDOZU1Tl1qvBPg%2BQ4SomKWUJioW6XVJKUCml8efhpvFbNS218MSQviTEz9vVuT5%2Fg2rFD0w2NX19nRkLFAZ%2BQOS5TqeSSZESRrJD3Kik5lpTln8by0SFWRhKK1ZxCuIhKwBJVcMo4hVhzHEvGtUjmX2b3sU6iOYdoNywtoZSolJLlCuc0Oy2mJ38SwD8EKHM6ZxxQfwLp1YiXOF%2BAmCmNr0EKzsrFUqVsQWMtBnCBSsbSRo5aTGT7tn2IOTRIXNP8WN3LojoWcqxj%2BE0RDj3%2BDOiHPfAGCyVkDyZcTKVzHGQhX8c63iDdkPS9oeAsKpcqE6S7lISrMk%2FgiKNEsTz9jI3r2H1TcTJndyrjsbqhgkY07bwBGh4U14LU%2Fz3rTfIRMse%2Bpgx32aG9CmfFMW7fvtQaLEDhAIPaheAK2jDBnOZ6A83LND2gCsJjksvODCCLxMf4g5GtCWG37%2F44V12M3o1aAx%2BMH%2FUGcsPRHk5X36qmqdv%2F4fJx3TSP26p9gu%2F%2Fbtv1j%2B1mXzXahYmsAG5UT9Xzfv1ax9vNDiRY7bct3P2%2BfarbDR5%2BgxvP292%2BbuOq3b7s6uYY935r971q92q%2Fbmrj68ecuIxUhPO860CKF%2BKilu%2BwZQQ%2BPH7WsS0XnUmRFUqQPFERwfHEudMMCHmme95dERjsNtczP1he4Nn%2BzHZhEbpwCoLAmiHXsYJgZqPQRd3JNX1vZnswF2hmm7ZlmuMjyAw9D%2BC%2BGZqWrhJy%2FdHqwIDkikWC8Alzo95Uj02t0%2FDssJ%2B%2BOb0jyeAWxUk3aJcF8IKwzxmzrOBEiL4vKsOazzWLosDzrDGdguW6gCEvOJMsZulZlGNaQ6rO0EsyjmFMYEOLW71Qa7KY%2FDd6KoMpXBK6WEqVy8vD6LgofC9UJNcqxfeslLAO8zldnE8IZurfS5IIqchdobqV2KO6LVB0%2B1RLDb9JDuz1XeC7Qc84w1yOxv9opR4m5%2Bqx2mzq9mqcLPVq63QQCsM3OhHjnYLyvoDlRKSki1wfp9W%2BmcD9AZ7BWqF9NZf1Q9C1IwJ%2Fl6TUabf1qmpWuqXC0OnT3NJkQaT6BxRLyN0nPrSDPtMgkijB%2BPeKJiovs0iv09TfPG4IIzw700nHs%2FoWFEx07x5waErik38DUM%2FVerXdXOmKo27PfFAWmD3C%2FZLQt7nlnsneGWY6yY4X%2BJMOu6bVbbFfvwHEWsqU&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=kb094GLO1XlAbBNGlUwZSTk6433%2FOA0p1ZW%2BPTurjAyJOmOdqbHunGOGe9UGrfk0NQ6WP72oTcZnS5EAbJ%2BN8yhnyhw%3D&grab-orig-len=2048&grab=dNCd0L7QstC-0YHRgtC4INCg0L7RgdGB0LjQuCDQuCDQvNC40YDQsCDigJMg0KPRgtGA0L4u0YDRgyDigJMg0L_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4INC90LAg0YHQtdCz0L7QtNC90Y8KMSAi0J3QuNC60LDQutC40YUg0L_RgNC-0LHQu9C10LwiOiDQvtGC0LXQu9GMINCyINCl0YPRgNCz0LDQtNC1INC_0YDQuNC90LjQvNCw0LXRgiDRgtGD0YDQuNGB0YLQvtCyINC_0L7RgdC70LUg0LzQsNGB0YHQvtCy0L7Qs9C-INC-0YLRgNCw0LLQu9C10L3QuNGPINGA0L7RgdGB0LjRj9C9IAoy0KDQtdC60L7QvNC10L3QtNGD0LXQvCAKMtCd0L7QstC-0YHRgtC4INCj0LrRgNCw0LjQvdGLIAoy0KjQvtGDLdCx0LjQt9C90LXRgSAKMtCQ0YDQvNC40Y8gCjLQndC-0LLQvtGB0YLQuCDQv9Cw0YDRgtC90LXRgNC-0LIgCjLQvdC-0LLQvtGB0YLQvdCw0Y8g0LvQtdC90YLQsCAKMtCy0YvQsdC-0YAg0YDQtdC00LDQutGG0LjQuCAKMtCd0L7QstC-0YHRgtC4INC_0LDRgNGC0L3QtdGA0L7QsiAKMtCc0L7Qu9C00LDQstC40Y8g0LLRi9GC0L7RgNCz0L7QstCw0LvQsCDRgyDQoNC-0YHRgdC40Lgg0YHQutC40LTQutGDINC90LAg0LPQsNC3IAoy0KDQsNC00L7QstCw0YLRjNGB0Y8g0L3QtdGH0LXQvNGDOiDQp9GD0LHQsNC50YEg0L_RgNC10LTRgNC10Log0KDQvtGB0YHQuNC4INC_0YDQvtCx0LvQtdC80Ysg0LjQty3Qt9CwINCy0YvRgdC-0LrQuNGFINGG0LXQvSDQvdCwINCz0LDQtyDQsiDQldCy0YDQvtC_0LUgCjLQntCx0LLQuNC90LXQvdC40Y8g0LPRgNCw0L3QuNGH0LDRgiDRgSDQsdGA0LXQtNC-0Lw6INC_0L7RgdC-0Lsg0KDQvtGB0YHQuNC4INC_0L7RgdGC0LDQstC40Lsg0L3QsCDQvNC10YHRgtC-INC30LDQv9Cw0LTQvdGL0YUg0LrRgNC40YLQuNC60L7QsiAKM9CQ0LzQtdGA0LjQutCw0L3RgdC60LjQuSDQsNC00LzQuNGA0LDQuyDQvtGG0LXQvdC40Lsg0LDQv9C_0LXRgtC40YIg0J_Rg9GC0LjQvdCwINC6INGA0LjRgdC60YMgCjPQodGC0LDRgtC40YHRgtC40LrQsCDQv9C-INC60L7QstC40LTRgyDQsiDQoNC-0YHRgdC40Lgg0L3QsCAzMSDQvtC60YLRj9Cx0YDRjyAKM9CSINC_0Y_RgtC40LfQstC10LfQtNC-0YfQvdC-0Lwg0L7RgtC10LvQtSDQvdCwINC10LPQuNC_0LXRgtGB0LrQvtC8INC60YPRgNC-0YDRgtC1INC-0YLRgNCw0LLQuNC70LjRgdGMIDQwINGA0L7RgdGB0LjRj9C9OiDQv9C-0LTRgNC-0LHQvdC-0YHRgtC4IAoz0J_Rg9GC0LjQvSDQstGL0YHRgtGD0L_QuNC7INC90LAgRzIwOiDQv9GA0LXQt9C40LTQtdC90YIg0L7QsdGA0LDRgtC40LvRgdGPINC6INGB0YLRgNCw0L3QsNC8INGBINC_0YDQuNC30YvQstC-0LwgCjPQkdC-0LvRjNGI0LDRjyDQvtGI0LjQsdC60LA6INCR0L7Qu9GC0L7QvSDQv9GA0LXQtNC-0YHRgtC10YDQtdCzINCg0L7RgdGB0LjRjiDQvtGCINGB0L7RjtC30LAg0YEg0JrQuNGC0LDQtdC8IAoz0JrRg9GA0YEg0YDRg9Cx0LvRjyAKM9Ck0L7RgtC-0YDQtdC_0L7RgNGC0LDQtiAKM9Ca0L7RgNC-0L3QsNCy0LjRgNGD0YEg0LIg0KDQvtGB0YHQuNC4

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

1e62ed623cb1560c4b9e1dfe9a58e9e7764915f220f994d23ad9e7f832f7db47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1635674737324948-92706035265106396800287-production-app-host-vla-pcode-134
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ytro.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 d093ce9b5ee4ee6345f4.js Show response
yastatic.net/partner-code-bundles/46952/ 623 KB
126 KB 146ms
91ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/46952/d093ce9b5ee4ee6345f4.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

11d07c33cfa91688ced5ec103241131c4a9642f0395d55ec11905b54e6f268fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ytro.news/
Origin: https://ytro.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 128417
last-modified: Fri, 29 Oct 2021 15:16:27 GMT
server: nginx/1.17.9
etag: "2323339b4af05f562329d21887581dc2"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2051 16:39:29 GMT

GET
H2 200 51c98caed20738cd0cda.js Show response
yastatic.net/partner-code-bundles/46952/ 338 KB
62 KB 182ms
127ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/46952/51c98caed20738cd0cda.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bdbb68c079fe40720998bf2b4163c027c502a2c4f7e5542cecd42e2181266dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ytro.news/
Origin: https://ytro.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 62647
last-modified: Fri, 29 Oct 2021 15:16:27 GMT
server: nginx/1.17.9
etag: "700bc96c0cfa670b5f01804410762b5d"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2051 16:39:29 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 16ms
15ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=953058298&t=pageview&ds=non-prism&_s=1&dl=https%3A%2F%2Fytro.news%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=26697304&gjid=1239605705&cid=301309105.1635674737&tid=UA-172840221-27&_gid=552953095.1635674737&_r=1&_slc=1&z=229948208

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ytro.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 manifest.json
ytro.news/static/ 376 B
699 B 145ms
56ms Manifest
application/json 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ytro.news/static/manifest.json

Requested by

Host: ytro.news
URL: https://ytro.news/static/js/push.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

99fb6040a892b2d590d2e14702a0133869c60caff180195e1a98bceac121d65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Thu, 26 Sep 2019 09:27:32 GMT
server: nginx/1.18.0
cache-control: max-age=86400
etag: "5d8c8484-178"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
cl-cache: BYPASS
server-timing: i;dur=0, d;dur=10, r;dur=0
accept-ranges: bytes
content-length: 376
x-request-id: 49adb163efc2e79b18be1967f31390b8
expires: Mon, 01 Nov 2021 10:05:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/ Frame C9F8 10 KB
5 KB 32ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 30 Oct 2021 16:23:50 GMT
expires: Sat, 13 Nov 2021 16:23:50 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 63707
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 relap.js Show response
relap.io/v7/ Frame CFE2 13 KB
5 KB 57ms
57ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/relap.js

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

6de712ac16db9410b4c61e929db988deaab381f5a269d7aaa4a63867b380f364

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:26:47 GMT
server: nginx
etag: "617bda77-11e3"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 4579
expires: Sun, 31 Oct 2021 10:06:37 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/ 595 B
988 B 62ms
55ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&pid=85047&rid=1635674737.291-1409550471&tid=t1.-1.1999280910.1635674737292&v=1.25.2i&exp=exp_bot%2Csplit_a%2Cexp_ab3%2Cb&rn=2014396307&bs=1600x1200&ce=1&rf&en=1&pt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&fv&sv&lv&le=0&url=https%3A%2F%2Fytro.news%2F&eid=2578747372988242&stid=613565743_1635674737294&sn=1&sen=1
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 9955e76a0aa0414abf703f10e87d93722c71f3fa57c82eb7531c9473d9ef72fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
x-srv: 1node0044.top100.rambler.tech
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
access-control-allow-headers: content-type
content-length: 595
server: nginx/1.19.4

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 145B 11 KB
5 KB 56ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ytro.news

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2020
date: Sun, 31 Oct 2021 10:05:37 GMT
content-length: 4685

GET
H2 200 bx_loader.gif
ytro.news/static/css/images/ 8 KB
9 KB 45ms
44ms Image
image/gif 109.248.237.34
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ytro.news/static/css/images/bx_loader.gif

Requested by

Host: ytro.news
URL: https://ytro.news/static/css/newmain.css?v9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.34 , Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/static/css/newmain.css?v9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.18.0
etag: "5c99eaa2-2185"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: max-age=2592000
server-timing: i;dur=0, d;dur=12, r;dur=0
x-request-id: 86a83bd1f3bcb136d4a9f9f777762902
expires: Tue, 30 Nov 2021 10:05:37 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d3094584b53b793f7423681a7fec10e7b1bd61ae300f194796d5898b4ac4c7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
159 B 72ms
16ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=222498&sid=227&wh=1600x1200&rnd=47373400056&cnt=1&lid=0&tid=0
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Oct 2021 10:05:37 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 72ms
17ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=222498&sid=227&wh=1600x1200&rnd=47373400056&lid=0&tid=0&fcp_green=691.100&fcp_green_cnt=1
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Oct 2021 10:05:37 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 61ms
17ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=222498&sid=227&wh=1600x1200&rnd=47373400056&lid=0&tid=0&cls_green=0.001&cls_green_cnt=1
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Oct 2021 10:05:37 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 62ms
18ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=222498&sid=227&wh=1600x1200&rnd=47373400056&lid=0&tid=0&lcp_green=691.100&lcp_green_cnt=1
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Oct 2021 10:05:37 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 49ms
17ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=222498&sid=227&wh=1600x1200&rnd=47373400056&lid=0&tid=0&lcp_green=-691.100&lcp_green_cnt=-1
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Oct 2021 10:05:37 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 15ms
14ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=222498&sid=227&wh=1600x1200&rnd=47373400056&lid=0&tid=0&lcp_green=719.000&lcp_green_cnt=1
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Oct 2021 10:05:37 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

GET
H/1.1 204
No Content p
ingestion.contentinsights.com/ 0
88 B 130ms
32ms Image
text/plain 34.252.144.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ingestion.contentinsights.com/p?a=&b=&c=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&d=https%3A%2F%2Fytro.news%2F&e=&f=1401&g=&h=&i=&j=&k=&l=&m=&u=1635674737363.807533475.7257824&ul=1635674737365.810692225.5162628&x=0.551130956107831&t=0&err=&ver=19
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.144.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-144-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/275069/getBulk/ 10 KB
4 KB 272ms
271ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/275069/getBulk/v2?dl=https%3A%2F%2Fytro.news%2F&date=2021-10-31T10%3A05%3A37.377%2B00%3A00&pd=31&pdh=1200&pdw=1600&pr1=232581587&pr=411532975&prr=&pv=10&pw=0&extid_loader=&extid_tag_loader=ytro.news&ylv=0.46952&ybv=0.46952&ytt=479387069843477&is-turbo=0&skip-token=&ad-session-id=5608221635674737200&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1360%2C%22h%22%3A0%2C%22width%22%3A1360%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A120%2C%22top%22%3A83%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=46952&availableWidth=1360&availableHeight=0&pp=g&ps=cxhg&p2=gatj&slotNumber=2&bids=W3siY2FtcGFpZ25faWQiOjgyNjg3NSwicmVzcG9uc2VfdGltZSI6ODcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjkwMTg2In0seyJjYW1wYWlnbl9pZCI6ODI2ODc3LCJyZXNwb25zZV90aW1lIjoyODUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNTM0NzgzIn1d&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C67%3B443399%2C0%2C95%3B443799%2C0%2C37%3B443440%2C0%2C94%3B439949%2C0%2C61%3B436280%2C0%2C20%3B444595%2C0%2C85%3B434215%2C0%2C96%3B444618%2C0%2C64%3B445012%2C0%2C36%3B204304%2C0%2C43&pcode-flags-map=eJyNVttuo0gQ%2FReenRXQXOetgbbdCtBsd5PLRqMWcdCsJcaOsBPtzmj%2BfQoDiRvHzvgBDOZU1Tl1qvBPg%2BQ4SomKWUJioW6XVJKUCml8efhpvFbNS218MSQviTEz9vVuT5%2Fg2rFD0w2NX19nRkLFAZ%2BQOS5TqeSSZESRrJD3Kik5lpTln8by0SFWRhKK1ZxCuIhKwBJVcMo4hVhzHEvGtUjmX2b3sU6iOYdoNywtoZSolJLlCuc0Oy2mJ38SwD8EKHM6ZxxQfwLp1YiXOF%2BAmCmNr0EKzsrFUqVsQWMtBnCBSsbSRo5aTGT7tn2IOTRIXNP8WN3LojoWcqxj%2BE0RDj3%2BDOiHPfAGCyVkDyZcTKVzHGQhX8c63iDdkPS9oeAsKpcqE6S7lISrMk%2FgiKNEsTz9jI3r2H1TcTJndyrjsbqhgkY07bwBGh4U14LU%2Fz3rTfIRMse%2Bpgx32aG9CmfFMW7fvtQaLEDhAIPaheAK2jDBnOZ6A83LND2gCsJjksvODCCLxMf4g5GtCWG37%2F44V12M3o1aAx%2BMH%2FUGcsPRHk5X36qmqdv%2F4fJx3TSP26p9gu%2F%2Fbtv1j%2B1mXzXahYmsAG5UT9Xzfv1ax9vNDiRY7bct3P2%2BfarbDR5%2BgxvP292%2BbuOq3b7s6uYY935r971q92q%2Fbmrj68ecuIxUhPO860CKF%2BKilu%2BwZQQ%2BPH7WsS0XnUmRFUqQPFERwfHEudMMCHmme95dERjsNtczP1he4Nn%2BzHZhEbpwCoLAmiHXsYJgZqPQRd3JNX1vZnswF2hmm7ZlmuMjyAw9D%2BC%2BGZqWrhJy%2FdHqwIDkikWC8Alzo95Uj02t0%2FDssJ%2B%2BOb0jyeAWxUk3aJcF8IKwzxmzrOBEiL4vKsOazzWLosDzrDGdguW6gCEvOJMsZulZlGNaQ6rO0EsyjmFMYEOLW71Qa7KY%2FDd6KoMpXBK6WEqVy8vD6LgofC9UJNcqxfeslLAO8zldnE8IZurfS5IIqchdobqV2KO6LVB0%2B1RLDb9JDuz1XeC7Qc84w1yOxv9opR4m5%2Bqx2mzq9mqcLPVq63QQCsM3OhHjnYLyvoDlRKSki1wfp9W%2BmcD9AZ7BWqF9NZf1Q9C1IwJ%2Fl6TUabf1qmpWuqXC0OnT3NJkQaT6BxRLyN0nPrSDPtMgkijB%2BPeKJiovs0iv09TfPG4IIzw700nHs%2FoWFEx07x5waErik38DUM%2FVerXdXOmKo27PfFAWmD3C%2FZLQt7nlnsneGWY6yY4X%2BJMOu6bVbbFfvwHEWsqU&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=kb094GLO1XlAbBNGlUwZSTk6433%2FOA0p1ZW%2BPTurjAyJOmOdqbHunGOGe9UGrfk0NQ6WP72oTcZnS5EAbJ%2BN8yhnyhw%3D&grab-orig-len=2048&grab=dNCd0L7QstC-0YHRgtC4INCg0L7RgdGB0LjQuCDQuCDQvNC40YDQsCDigJMg0KPRgtGA0L4u0YDRgyDigJMg0L_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4INC90LAg0YHQtdCz0L7QtNC90Y8KMSAi0J3QuNC60LDQutC40YUg0L_RgNC-0LHQu9C10LwiOiDQvtGC0LXQu9GMINCyINCl0YPRgNCz0LDQtNC1INC_0YDQuNC90LjQvNCw0LXRgiDRgtGD0YDQuNGB0YLQvtCyINC_0L7RgdC70LUg0LzQsNGB0YHQvtCy0L7Qs9C-INC-0YLRgNCw0LLQu9C10L3QuNGPINGA0L7RgdGB0LjRj9C9IAoy0KDQtdC60L7QvNC10L3QtNGD0LXQvCAKMtCd0L7QstC-0YHRgtC4INCj0LrRgNCw0LjQvdGLIAoy0KjQvtGDLdCx0LjQt9C90LXRgSAKMtCQ0YDQvNC40Y8gCjLQndC-0LLQvtGB0YLQuCDQv9Cw0YDRgtC90LXRgNC-0LIgCjLQvdC-0LLQvtGB0YLQvdCw0Y8g0LvQtdC90YLQsCAKMtCy0YvQsdC-0YAg0YDQtdC00LDQutGG0LjQuCAKMtCd0L7QstC-0YHRgtC4INC_0LDRgNGC0L3QtdGA0L7QsiAKMtCc0L7Qu9C00LDQstC40Y8g0LLRi9GC0L7RgNCz0L7QstCw0LvQsCDRgyDQoNC-0YHRgdC40Lgg0YHQutC40LTQutGDINC90LAg0LPQsNC3IAoy0KDQsNC00L7QstCw0YLRjNGB0Y8g0L3QtdGH0LXQvNGDOiDQp9GD0LHQsNC50YEg0L_RgNC10LTRgNC10Log0KDQvtGB0YHQuNC4INC_0YDQvtCx0LvQtdC80Ysg0LjQty3Qt9CwINCy0YvRgdC-0LrQuNGFINGG0LXQvSDQvdCwINCz0LDQtyDQsiDQldCy0YDQvtC_0LUgCjLQntCx0LLQuNC90LXQvdC40Y8g0LPRgNCw0L3QuNGH0LDRgiDRgSDQsdGA0LXQtNC-0Lw6INC_0L7RgdC-0Lsg0KDQvtGB0YHQuNC4INC_0L7RgdGC0LDQstC40Lsg0L3QsCDQvNC10YHRgtC-INC30LDQv9Cw0LTQvdGL0YUg0LrRgNC40YLQuNC60L7QsiAKM9CQ0LzQtdGA0LjQutCw0L3RgdC60LjQuSDQsNC00LzQuNGA0LDQuyDQvtGG0LXQvdC40Lsg0LDQv9C_0LXRgtC40YIg0J_Rg9GC0LjQvdCwINC6INGA0LjRgdC60YMgCjPQodGC0LDRgtC40YHRgtC40LrQsCDQv9C-INC60L7QstC40LTRgyDQsiDQoNC-0YHRgdC40Lgg0L3QsCAzMSDQvtC60YLRj9Cx0YDRjyAKM9CSINC_0Y_RgtC40LfQstC10LfQtNC-0YfQvdC-0Lwg0L7RgtC10LvQtSDQvdCwINC10LPQuNC_0LXRgtGB0LrQvtC8INC60YPRgNC-0YDRgtC1INC-0YLRgNCw0LLQuNC70LjRgdGMIDQwINGA0L7RgdGB0LjRj9C9OiDQv9C-0LTRgNC-0LHQvdC-0YHRgtC4IAoz0J_Rg9GC0LjQvSDQstGL0YHRgtGD0L_QuNC7INC90LAgRzIwOiDQv9GA0LXQt9C40LTQtdC90YIg0L7QsdGA0LDRgtC40LvRgdGPINC6INGB0YLRgNCw0L3QsNC8INGBINC_0YDQuNC30YvQstC-0LwgCjPQkdC-0LvRjNGI0LDRjyDQvtGI0LjQsdC60LA6INCR0L7Qu9GC0L7QvSDQv9GA0LXQtNC-0YHRgtC10YDQtdCzINCg0L7RgdGB0LjRjiDQvtGCINGB0L7RjtC30LAg0YEg0JrQuNGC0LDQtdC8IAoz0JrRg9GA0YEg0YDRg9Cx0LvRjyAKM9Ck0L7RgtC-0YDQtdC_0L7RgNGC0LDQtiAKM9Ca0L7RgNC-0L3QsNCy0LjRgNGD0YEg0LIg0KDQvtGB0YHQuNC4

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f077cb5acc0dd2c7447802fb25e2e5d4723e58a2f4680c466fb875c0583a4cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1635674737405687-126446210253901249700294-production-app-host-man-pcode-146
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ytro.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
BLOB 200
OK 8f1e93ac-69a7-4139-a77c-bcb0471f4617
https://ytro.news/ 206 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ytro.news/8f1e93ac-69a7-4139-a77c-bcb0471f4617
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0731b5d2c78f88226092daf1edd073c7b2db4f7f8cb7171bb1319441d3ea4b43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 206
Content-Type: text/javascript

GET
BLOB 200
OK 554afb75-eb90-48c3-b669-9e30fc47812f
https://ytro.news/ 193 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ytro.news/554afb75-eb90-48c3-b669-9e30fc47812f
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca13872c33b4c6ed94596292a6201d7daf62dcca6791154250f44b0264b3d8ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 193
Content-Type: text/javascript

GET
H2 200 app_index.0afa1420a983127a9cba.js Show response
relap.io/v7/ Frame CFE2 18 KB
8 KB 61ms
61ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/app_index.0afa1420a983127a9cba.js

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

05e30cdf9fa837624c5f29849e39fbfb1ada2ce2e3e1d801d89f8bd9c5e535fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:26:47 GMT
server: nginx
etag: "617bda77-1fbb"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
content-length: 8123
expires: Tue, 30 Nov 2021 10:05:37 GMT

GET
H2 200 init Show response
relap.io/api/v7/ Frame CFE2 55 B
1 KB 72ms
72ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/init?token=oNigYORgE2yRYJGU&url=https%3A%2F%2Fytro.news%2F

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

5b2c8581b8d43c0014ae587373a9792159f8c5a86038de7f9fdaf69d95027343

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
content-length: 55
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma: no-cache
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ytro.news
cache-control: max-age=1, no-cache
x-server: web05
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie

GET
H2 200 ext_cfgs Show response
relap.io/api/v7/ Frame CFE2 621 B
2 KB 87ms
87ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/ext_cfgs?token=oNigYORgE2yRYJGU&url=https%3A%2F%2Fytro.news%2F

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

495429cb787693ce24f666d219b16ab9ab109313630ae9dc350258e69179ede6

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
access-control-max-age: 1728000
vary: Origin
content-length: 621
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma: no-cache
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ytro.news
cache-control: max-age=1, no-cache
x-server: back16
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie

OPTIONS
H2 200 init
relap.io/api/v7/ Frame 0
0 241ms
65ms Preflight
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/init?token=oNigYORgE2yRYJGU&url=https%3A%2F%2Fytro.news%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://ytro.news
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
content-type: text/html;charset=UTF-8
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-origin: https://ytro.news
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
vary: Origin
date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
x-server: back10
access-control-max-age: 1728000
strict-transport-security: max-age=5184000; includeSubdomains;

OPTIONS
H2 200 ext_cfgs
relap.io/api/v7/ Frame 0
0 238ms
64ms Preflight
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/ext_cfgs?token=oNigYORgE2yRYJGU&url=https%3A%2F%2Fytro.news%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://ytro.news
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
content-type: text/html;charset=UTF-8
content-length: 0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
date: Sun, 31 Oct 2021 10:05:37 GMT
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
vary: Origin
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
x-server: back16
x-content-type-options: nosniff
access-control-allow-origin: https://ytro.news
access-control-max-age: 1728000
strict-transport-security: max-age=5184000; includeSubdomains;

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
995 B 53ms
53ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3195882;u=https%3A//ytro.news/;st=1635674737299;title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=6ad5d18e20082d0d;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.4//4g/0/0/;lvid=1635674737398%3A1635674737408%3A1%3Ad3edcdd251d914232074ca1405519be5;opts=dl;visible=true;_=0.7339887644128349

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://ytro.news
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ytro.news
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://ytro.news
access-control-allow-headers: *

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
997 B 53ms
53ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2731601;u=https%3A//ytro.news/;st=1635674737299;title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=6ad5d18e20082d0d;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.4//4g/0/0/;lvid=1635674737398%3A1635674737410%3A2%3Ad3edcdd251d914232074ca1405519be5;opts=sec%2Cdl;visible=true;_=0.9315231585701225

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://ytro.news
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ytro.news
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://ytro.news
access-control-allow-headers: *

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 15ms
13ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=222498&sid=227&wh=1600x1200&rnd=47373400056&lid=0&tid=0&lcp_green=-719.000&lcp_green_cnt=-1
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Oct 2021 10:05:37 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 16ms
14ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=222498&sid=227&wh=1600x1200&rnd=47373400056&lid=0&tid=0&lcp_green=927.699&lcp_green_cnt=1
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Oct 2021 10:05:37 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 283ms
114ms Script
application/x-javascript 46.161.36.23
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: target.smi2.net
URL: https://target.smi2.net/client/target.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: 382873874381a9138712c2cf69ee03f11b96009cae5fe33d2647c414e9712f6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Aug 2021 20:46:02 GMT
Server: nginx
ETag: W/"610afc8a-133b9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
target.smi2.net/init/ 95 B
463 B 54ms
54ms Image
image/png 146.185.195.88
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.smi2.net/init/?siteid=9759&count=site&bw=1600&bh=1200&xurl=https%3A%2F%2Fytro.news%2F&rnd=832518640984
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.195.88 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: target2-1.ssel23.imcmdb.net
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-Target-Version: 2
Date: Sun, 31 Oct 2021 10:05:37 GMT
X-Target-Final: 20211031130537-0
Server: nginx
X-Target-Host: target2-1.ssel23
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00025
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Sun, 31 Oct 2021 10:05:36 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 145B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ytro.news&sn=ChromeSyncframe&so=0&topUrl=ytro.news&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=43PdbnxEUWxWTWRUMHJkVFZJcS9wNEhDVm83Mi9xc0xES1RlVVVEM2RNUTl4OW5EUDhEbDNjYm4rdFFqN2ZuVVFFTnJIK1p2bEJQTHJIWjEwUUFpanJnZktKOXhOaUdKVjdxeTJack1pTlZqLzVjN0VmS0NoUUVSWWYxcn...

420 B
620 B

663ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=43PdbnxEUWxWTWRUMHJkVFZJcS9wNEhDVm83Mi9xc0xES1RlVVVEM2RNUTl4OW5EUDhEbDNjYm4rdFFqN2ZuVVFFTnJIK1p2bEJQTHJIWjEwUUFpanJnZktKOXhOaUdKVjdxeTJack1pTlZqLzVjN0VmS0NoUUVSWWYxcng2NzdhbUh5MTA5bHZWYjQ2TFRXTndWVWJ6OTBtcHZUM0RaVFQ3azhJdVB6NllreXZKYjF4YWZwYW91YlMyb05RcjJSMGZGLzRRWUJoQXRPS3ByN3Z3N0ZvV2lUZE1uaWxFZW1wanl1Skp4OERTcTBtWWFMMlBoSDFJZVk3MW11Sit4Yklac2trTGMweHRZL2NHb0piZU16Q3BDbW56Zz09fA&cppv=2

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9b1d65f4e181b72a8be65abf97ff1a53ecad6824a1abea9359068d378a0635ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 31 Oct 2021 10:05:37 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2387
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 31 Oct 2021 10:05:37 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=43PdbnxEUWxWTWRUMHJkVFZJcS9wNEhDVm83Mi9xc0xES1RlVVVEM2RNUTl4OW5EUDhEbDNjYm4rdFFqN2ZuVVFFTnJIK1p2bEJQTHJIWjEwUUFpanJnZktKOXhOaUdKVjdxeTJack1pTlZqLzVjN0VmS0NoUUVSWWYxcng2NzdhbUh5MTA5bHZWYjQ2TFRXTndWVWJ6OTBtcHZUM0RaVFQ3azhJdVB6NllreXZKYjF4YWZwYW91YlMyb05RcjJSMGZGLzRRWUJoQXRPS3ByN3Z3N0ZvV2lUZE1uaWxFZW1wanl1Skp4OERTcTBtWWFMMlBoSDFJZVk3MW11Sit4Yklac2trTGMweHRZL2NHb0piZU16Q3BDbW56Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1717
content-length: 541
expires: 0

GET
H2 200 v2 Show response
an.yandex.ru/adfox/275069/getBulk/ 11 KB
4 KB 264ms
263ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/275069/getBulk/v2?dl=https%3A%2F%2Fytro.news%2F&date=2021-10-31T10%3A05%3A37.458%2B00%3A00&pd=31&pdh=1200&pdw=1600&pr1=4233194703&pr=411532975&prr=&pv=10&pw=0&extid_loader=&extid_tag_loader=ytro.news&ylv=0.46952&ybv=0.46952&ytt=479387069843477&is-turbo=0&skip-token=&ad-session-id=5608221635674737200&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A267.5%2C%22h%22%3A0%2C%22width%22%3A268%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1178%2C%22top%22%3A3011%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=46952&availableWidth=267.5&availableHeight=0&pp=h&ps=cxhg&p2=gatm&slotNumber=6&bids=W3siY2FtcGFpZ25faWQiOjgyNjg3NSwicmVzcG9uc2VfdGltZSI6ODcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjkwMTgwIn0seyJjYW1wYWlnbl9pZCI6ODI2ODc3LCJyZXNwb25zZV90aW1lIjoyODUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNTM0Nzg1In0seyJjYW1wYWlnbl9pZCI6ODI2ODc2LCJyZXNwb25zZV90aW1lIjozNjcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNDY2MjkifSx7ImNhbXBhaWduX2lkIjoxMTM2NTI4LCJyZXNwb25zZV90aW1lIjo3MCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6ImhjWmtPTlZMb3RnamtCSm5HbXlIIn0seyJjYW1wYWlnbl9pZCI6MTUzMzc3NCwicmVzcG9uc2VfdGltZSI6NjksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjU1In1d&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C67%3B443399%2C0%2C95%3B443799%2C0%2C37%3B443440%2C0%2C94%3B439949%2C0%2C61%3B436280%2C0%2C20%3B444595%2C0%2C85%3B434215%2C0%2C96%3B444618%2C0%2C64%3B445012%2C0%2C36%3B204304%2C0%2C43&pcode-flags-map=eJyNVttuo0gQ%2FReenRXQXOetgbbdCtBsd5PLRqMWcdCsJcaOsBPtzmj%2BfQoDiRvHzvgBDOZU1Tl1qvBPg%2BQ4SomKWUJioW6XVJKUCml8efhpvFbNS218MSQviTEz9vVuT5%2Fg2rFD0w2NX19nRkLFAZ%2BQOS5TqeSSZESRrJD3Kik5lpTln8by0SFWRhKK1ZxCuIhKwBJVcMo4hVhzHEvGtUjmX2b3sU6iOYdoNywtoZSolJLlCuc0Oy2mJ38SwD8EKHM6ZxxQfwLp1YiXOF%2BAmCmNr0EKzsrFUqVsQWMtBnCBSsbSRo5aTGT7tn2IOTRIXNP8WN3LojoWcqxj%2BE0RDj3%2BDOiHPfAGCyVkDyZcTKVzHGQhX8c63iDdkPS9oeAsKpcqE6S7lISrMk%2FgiKNEsTz9jI3r2H1TcTJndyrjsbqhgkY07bwBGh4U14LU%2Fz3rTfIRMse%2Bpgx32aG9CmfFMW7fvtQaLEDhAIPaheAK2jDBnOZ6A83LND2gCsJjksvODCCLxMf4g5GtCWG37%2F44V12M3o1aAx%2BMH%2FUGcsPRHk5X36qmqdv%2F4fJx3TSP26p9gu%2F%2Fbtv1j%2B1mXzXahYmsAG5UT9Xzfv1ax9vNDiRY7bct3P2%2BfarbDR5%2BgxvP292%2BbuOq3b7s6uYY935r971q92q%2Fbmrj68ecuIxUhPO860CKF%2BKilu%2BwZQQ%2BPH7WsS0XnUmRFUqQPFERwfHEudMMCHmme95dERjsNtczP1he4Nn%2BzHZhEbpwCoLAmiHXsYJgZqPQRd3JNX1vZnswF2hmm7ZlmuMjyAw9D%2BC%2BGZqWrhJy%2FdHqwIDkikWC8Alzo95Uj02t0%2FDssJ%2B%2BOb0jyeAWxUk3aJcF8IKwzxmzrOBEiL4vKsOazzWLosDzrDGdguW6gCEvOJMsZulZlGNaQ6rO0EsyjmFMYEOLW71Qa7KY%2FDd6KoMpXBK6WEqVy8vD6LgofC9UJNcqxfeslLAO8zldnE8IZurfS5IIqchdobqV2KO6LVB0%2B1RLDb9JDuz1XeC7Qc84w1yOxv9opR4m5%2Bqx2mzq9mqcLPVq63QQCsM3OhHjnYLyvoDlRKSki1wfp9W%2BmcD9AZ7BWqF9NZf1Q9C1IwJ%2Fl6TUabf1qmpWuqXC0OnT3NJkQaT6BxRLyN0nPrSDPtMgkijB%2BPeKJiovs0iv09TfPG4IIzw700nHs%2FoWFEx07x5waErik38DUM%2FVerXdXOmKo27PfFAWmD3C%2FZLQt7nlnsneGWY6yY4X%2BJMOu6bVbbFfvwHEWsqU&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=kb094GLO1XlAbBNGlUwZSTk6433%2FOA0p1ZW%2BPTurjAyJOmOdqbHunGOGe9UGrfk0NQ6WP72oTcZnS5EAbJ%2BN8yhnyhw%3D&grab-orig-len=2048&grab=dNCd0L7QstC-0YHRgtC4INCg0L7RgdGB0LjQuCDQuCDQvNC40YDQsCDigJMg0KPRgtGA0L4u0YDRgyDigJMg0L_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4INC90LAg0YHQtdCz0L7QtNC90Y8KMSAi0J3QuNC60LDQutC40YUg0L_RgNC-0LHQu9C10LwiOiDQvtGC0LXQu9GMINCyINCl0YPRgNCz0LDQtNC1INC_0YDQuNC90LjQvNCw0LXRgiDRgtGD0YDQuNGB0YLQvtCyINC_0L7RgdC70LUg0LzQsNGB0YHQvtCy0L7Qs9C-INC-0YLRgNCw0LLQu9C10L3QuNGPINGA0L7RgdGB0LjRj9C9IAoy0KDQtdC60L7QvNC10L3QtNGD0LXQvCAKMtCd0L7QstC-0YHRgtC4INCj0LrRgNCw0LjQvdGLIAoy0KjQvtGDLdCx0LjQt9C90LXRgSAKMtCQ0YDQvNC40Y8gCjLQndC-0LLQvtGB0YLQuCDQv9Cw0YDRgtC90LXRgNC-0LIgCjLQvdC-0LLQvtGB0YLQvdCw0Y8g0LvQtdC90YLQsCAKMtCy0YvQsdC-0YAg0YDQtdC00LDQutGG0LjQuCAKMtCd0L7QstC-0YHRgtC4INC_0LDRgNGC0L3QtdGA0L7QsiAKMtCc0L7Qu9C00LDQstC40Y8g0LLRi9GC0L7RgNCz0L7QstCw0LvQsCDRgyDQoNC-0YHRgdC40Lgg0YHQutC40LTQutGDINC90LAg0LPQsNC3IAoy0KDQsNC00L7QstCw0YLRjNGB0Y8g0L3QtdGH0LXQvNGDOiDQp9GD0LHQsNC50YEg0L_RgNC10LTRgNC10Log0KDQvtGB0YHQuNC4INC_0YDQvtCx0LvQtdC80Ysg0LjQty3Qt9CwINCy0YvRgdC-0LrQuNGFINGG0LXQvSDQvdCwINCz0LDQtyDQsiDQldCy0YDQvtC_0LUgCjLQntCx0LLQuNC90LXQvdC40Y8g0LPRgNCw0L3QuNGH0LDRgiDRgSDQsdGA0LXQtNC-0Lw6INC_0L7RgdC-0Lsg0KDQvtGB0YHQuNC4INC_0L7RgdGC0LDQstC40Lsg0L3QsCDQvNC10YHRgtC-INC30LDQv9Cw0LTQvdGL0YUg0LrRgNC40YLQuNC60L7QsiAKM9CQ0LzQtdGA0LjQutCw0L3RgdC60LjQuSDQsNC00LzQuNGA0LDQuyDQvtGG0LXQvdC40Lsg0LDQv9C_0LXRgtC40YIg0J_Rg9GC0LjQvdCwINC6INGA0LjRgdC60YMgCjPQodGC0LDRgtC40YHRgtC40LrQsCDQv9C-INC60L7QstC40LTRgyDQsiDQoNC-0YHRgdC40Lgg0L3QsCAzMSDQvtC60YLRj9Cx0YDRjyAKM9CSINC_0Y_RgtC40LfQstC10LfQtNC-0YfQvdC-0Lwg0L7RgtC10LvQtSDQvdCwINC10LPQuNC_0LXRgtGB0LrQvtC8INC60YPRgNC-0YDRgtC1INC-0YLRgNCw0LLQuNC70LjRgdGMIDQwINGA0L7RgdGB0LjRj9C9OiDQv9C-0LTRgNC-0LHQvdC-0YHRgtC4IAoz0J_Rg9GC0LjQvSDQstGL0YHRgtGD0L_QuNC7INC90LAgRzIwOiDQv9GA0LXQt9C40LTQtdC90YIg0L7QsdGA0LDRgtC40LvRgdGPINC6INGB0YLRgNCw0L3QsNC8INGBINC_0YDQuNC30YvQstC-0LwgCjPQkdC-0LvRjNGI0LDRjyDQvtGI0LjQsdC60LA6INCR0L7Qu9GC0L7QvSDQv9GA0LXQtNC-0YHRgtC10YDQtdCzINCg0L7RgdGB0LjRjiDQvtGCINGB0L7RjtC30LAg0YEg0JrQuNGC0LDQtdC8IAoz0JrRg9GA0YEg0YDRg9Cx0LvRjyAKM9Ck0L7RgtC-0YDQtdC_0L7RgNGC0LDQtiAKM9Ca0L7RgNC-0L3QsNCy0LjRgNGD0YEg0LIg0KDQvtGB0YHQuNC4

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7890f0e55163ab13f71814d1efb4c332c0d92a669419768a1a580febe0962176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1635674737515746-454696922496113275000291-production-app-host-vla-pcode-216
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ytro.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/275069/getBulk/ 11 KB
4 KB 288ms
287ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/275069/getBulk/v2?dl=https%3A%2F%2Fytro.news%2F&date=2021-10-31T10%3A05%3A37.463%2B00%3A00&pd=31&pdh=1200&pdw=1600&pr1=673562666&pr=411532975&prr=&pv=10&pw=0&extid_loader=&extid_tag_loader=ytro.news&ylv=0.46952&ybv=0.46952&ytt=479387069843477&is-turbo=0&skip-token=&ad-session-id=5608221635674737200&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1140%2C%22top%22%3A1486%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=46952&availableWidth=300&availableHeight=0&pp=g&ps=cxhg&p2=gatn&slotNumber=4&bids=W3siY2FtcGFpZ25faWQiOjgyNjg3NSwicmVzcG9uc2VfdGltZSI6ODcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxNTE0OTk3In0seyJjYW1wYWlnbl9pZCI6ODI2ODc3LCJyZXNwb25zZV90aW1lIjoyODUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIzODcxMzg1In0seyJjYW1wYWlnbl9pZCI6ODI2ODc2LCJyZXNwb25zZV90aW1lIjozNjcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI3NzQ5MDQifSx7ImNhbXBhaWduX2lkIjoxMTM2NTI4LCJyZXNwb25zZV90aW1lIjo3MCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6Im5BQlU3RzZScHB4d2loNTJrTmZ6In0seyJjYW1wYWlnbl9pZCI6MTUzMzc3NCwicmVzcG9uc2VfdGltZSI6NjksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIzMDEwIn1d&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C67%3B443399%2C0%2C95%3B443799%2C0%2C37%3B443440%2C0%2C94%3B439949%2C0%2C61%3B436280%2C0%2C20%3B444595%2C0%2C85%3B434215%2C0%2C96%3B444618%2C0%2C64%3B445012%2C0%2C36%3B204304%2C0%2C43&pcode-flags-map=eJyNVttuo0gQ%2FReenRXQXOetgbbdCtBsd5PLRqMWcdCsJcaOsBPtzmj%2BfQoDiRvHzvgBDOZU1Tl1qvBPg%2BQ4SomKWUJioW6XVJKUCml8efhpvFbNS218MSQviTEz9vVuT5%2Fg2rFD0w2NX19nRkLFAZ%2BQOS5TqeSSZESRrJD3Kik5lpTln8by0SFWRhKK1ZxCuIhKwBJVcMo4hVhzHEvGtUjmX2b3sU6iOYdoNywtoZSolJLlCuc0Oy2mJ38SwD8EKHM6ZxxQfwLp1YiXOF%2BAmCmNr0EKzsrFUqVsQWMtBnCBSsbSRo5aTGT7tn2IOTRIXNP8WN3LojoWcqxj%2BE0RDj3%2BDOiHPfAGCyVkDyZcTKVzHGQhX8c63iDdkPS9oeAsKpcqE6S7lISrMk%2FgiKNEsTz9jI3r2H1TcTJndyrjsbqhgkY07bwBGh4U14LU%2Fz3rTfIRMse%2Bpgx32aG9CmfFMW7fvtQaLEDhAIPaheAK2jDBnOZ6A83LND2gCsJjksvODCCLxMf4g5GtCWG37%2F44V12M3o1aAx%2BMH%2FUGcsPRHk5X36qmqdv%2F4fJx3TSP26p9gu%2F%2Fbtv1j%2B1mXzXahYmsAG5UT9Xzfv1ax9vNDiRY7bct3P2%2BfarbDR5%2BgxvP292%2BbuOq3b7s6uYY935r971q92q%2Fbmrj68ecuIxUhPO860CKF%2BKilu%2BwZQQ%2BPH7WsS0XnUmRFUqQPFERwfHEudMMCHmme95dERjsNtczP1he4Nn%2BzHZhEbpwCoLAmiHXsYJgZqPQRd3JNX1vZnswF2hmm7ZlmuMjyAw9D%2BC%2BGZqWrhJy%2FdHqwIDkikWC8Alzo95Uj02t0%2FDssJ%2B%2BOb0jyeAWxUk3aJcF8IKwzxmzrOBEiL4vKsOazzWLosDzrDGdguW6gCEvOJMsZulZlGNaQ6rO0EsyjmFMYEOLW71Qa7KY%2FDd6KoMpXBK6WEqVy8vD6LgofC9UJNcqxfeslLAO8zldnE8IZurfS5IIqchdobqV2KO6LVB0%2B1RLDb9JDuz1XeC7Qc84w1yOxv9opR4m5%2Bqx2mzq9mqcLPVq63QQCsM3OhHjnYLyvoDlRKSki1wfp9W%2BmcD9AZ7BWqF9NZf1Q9C1IwJ%2Fl6TUabf1qmpWuqXC0OnT3NJkQaT6BxRLyN0nPrSDPtMgkijB%2BPeKJiovs0iv09TfPG4IIzw700nHs%2FoWFEx07x5waErik38DUM%2FVerXdXOmKo27PfFAWmD3C%2FZLQt7nlnsneGWY6yY4X%2BJMOu6bVbbFfvwHEWsqU&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=kb094GLO1XlAbBNGlUwZSTk6433%2FOA0p1ZW%2BPTurjAyJOmOdqbHunGOGe9UGrfk0NQ6WP72oTcZnS5EAbJ%2BN8yhnyhw%3D&grab-orig-len=2048&grab=dNCd0L7QstC-0YHRgtC4INCg0L7RgdGB0LjQuCDQuCDQvNC40YDQsCDigJMg0KPRgtGA0L4u0YDRgyDigJMg0L_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4INC90LAg0YHQtdCz0L7QtNC90Y8KMSAi0J3QuNC60LDQutC40YUg0L_RgNC-0LHQu9C10LwiOiDQvtGC0LXQu9GMINCyINCl0YPRgNCz0LDQtNC1INC_0YDQuNC90LjQvNCw0LXRgiDRgtGD0YDQuNGB0YLQvtCyINC_0L7RgdC70LUg0LzQsNGB0YHQvtCy0L7Qs9C-INC-0YLRgNCw0LLQu9C10L3QuNGPINGA0L7RgdGB0LjRj9C9IAoy0KDQtdC60L7QvNC10L3QtNGD0LXQvCAKMtCd0L7QstC-0YHRgtC4INCj0LrRgNCw0LjQvdGLIAoy0KjQvtGDLdCx0LjQt9C90LXRgSAKMtCQ0YDQvNC40Y8gCjLQndC-0LLQvtGB0YLQuCDQv9Cw0YDRgtC90LXRgNC-0LIgCjLQvdC-0LLQvtGB0YLQvdCw0Y8g0LvQtdC90YLQsCAKMtCy0YvQsdC-0YAg0YDQtdC00LDQutGG0LjQuCAKMtCd0L7QstC-0YHRgtC4INC_0LDRgNGC0L3QtdGA0L7QsiAKMtCc0L7Qu9C00LDQstC40Y8g0LLRi9GC0L7RgNCz0L7QstCw0LvQsCDRgyDQoNC-0YHRgdC40Lgg0YHQutC40LTQutGDINC90LAg0LPQsNC3IAoy0KDQsNC00L7QstCw0YLRjNGB0Y8g0L3QtdGH0LXQvNGDOiDQp9GD0LHQsNC50YEg0L_RgNC10LTRgNC10Log0KDQvtGB0YHQuNC4INC_0YDQvtCx0LvQtdC80Ysg0LjQty3Qt9CwINCy0YvRgdC-0LrQuNGFINGG0LXQvSDQvdCwINCz0LDQtyDQsiDQldCy0YDQvtC_0LUgCjLQntCx0LLQuNC90LXQvdC40Y8g0LPRgNCw0L3QuNGH0LDRgiDRgSDQsdGA0LXQtNC-0Lw6INC_0L7RgdC-0Lsg0KDQvtGB0YHQuNC4INC_0L7RgdGC0LDQstC40Lsg0L3QsCDQvNC10YHRgtC-INC30LDQv9Cw0LTQvdGL0YUg0LrRgNC40YLQuNC60L7QsiAKM9CQ0LzQtdGA0LjQutCw0L3RgdC60LjQuSDQsNC00LzQuNGA0LDQuyDQvtGG0LXQvdC40Lsg0LDQv9C_0LXRgtC40YIg0J_Rg9GC0LjQvdCwINC6INGA0LjRgdC60YMgCjPQodGC0LDRgtC40YHRgtC40LrQsCDQv9C-INC60L7QstC40LTRgyDQsiDQoNC-0YHRgdC40Lgg0L3QsCAzMSDQvtC60YLRj9Cx0YDRjyAKM9CSINC_0Y_RgtC40LfQstC10LfQtNC-0YfQvdC-0Lwg0L7RgtC10LvQtSDQvdCwINC10LPQuNC_0LXRgtGB0LrQvtC8INC60YPRgNC-0YDRgtC1INC-0YLRgNCw0LLQuNC70LjRgdGMIDQwINGA0L7RgdGB0LjRj9C9OiDQv9C-0LTRgNC-0LHQvdC-0YHRgtC4IAoz0J_Rg9GC0LjQvSDQstGL0YHRgtGD0L_QuNC7INC90LAgRzIwOiDQv9GA0LXQt9C40LTQtdC90YIg0L7QsdGA0LDRgtC40LvRgdGPINC6INGB0YLRgNCw0L3QsNC8INGBINC_0YDQuNC30YvQstC-0LwgCjPQkdC-0LvRjNGI0LDRjyDQvtGI0LjQsdC60LA6INCR0L7Qu9GC0L7QvSDQv9GA0LXQtNC-0YHRgtC10YDQtdCzINCg0L7RgdGB0LjRjiDQvtGCINGB0L7RjtC30LAg0YEg0JrQuNGC0LDQtdC8IAoz0JrRg9GA0YEg0YDRg9Cx0LvRjyAKM9Ck0L7RgtC-0YDQtdC_0L7RgNGC0LDQtiAKM9Ca0L7RgNC-0L3QsNCy0LjRgNGD0YEg0LIg0KDQvtGB0YHQuNC4

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

6a7db638316f2e2c2a5bbc3f841a4e9d2f36d91c4eeca48dc8d5308ec266f119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1635674737500980-625987717089486723800291-production-app-host-vla-pcode-133
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ytro.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/275069/getBulk/ 11 KB
4 KB 245ms
245ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/275069/getBulk/v2?dl=https%3A%2F%2Fytro.news%2F&date=2021-10-31T10%3A05%3A37.467%2B00%3A00&pd=31&pdh=1200&pdw=1600&pr1=4271078725&pr=411532975&prr=&pv=10&pw=0&extid_loader=&extid_tag_loader=ytro.news&ylv=0.46952&ybv=0.46952&ytt=479387069843477&is-turbo=0&skip-token=&ad-session-id=5608221635674737200&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A380%2C%22h%22%3A0%2C%22width%22%3A380%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1065%2C%22top%22%3A2576%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A5%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=46952&availableWidth=380&availableHeight=0&pp=h&ps=cxhg&p2=gato&slotNumber=5&bids=W3siY2FtcGFpZ25faWQiOjgyNjg3NSwicmVzcG9uc2VfdGltZSI6ODcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxNTE0OTk4In0seyJjYW1wYWlnbl9pZCI6ODI2ODc3LCJyZXNwb25zZV90aW1lIjoyODUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIzODcxMzg2In0seyJjYW1wYWlnbl9pZCI6ODI2ODc2LCJyZXNwb25zZV90aW1lIjozNjcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI3NzQ5MDYifSx7ImNhbXBhaWduX2lkIjoxMTM2NTI4LCJyZXNwb25zZV90aW1lIjo3MCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6Ik1QYkdOWW1tR1dwRkI4eHRTb3RqIn0seyJjYW1wYWlnbl9pZCI6MTUzMzc3NCwicmVzcG9uc2VfdGltZSI6NjksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIzMDExIn1d&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C67%3B443399%2C0%2C95%3B443799%2C0%2C37%3B443440%2C0%2C94%3B439949%2C0%2C61%3B436280%2C0%2C20%3B444595%2C0%2C85%3B434215%2C0%2C96%3B444618%2C0%2C64%3B445012%2C0%2C36%3B204304%2C0%2C43&pcode-flags-map=eJyNVttuo0gQ%2FReenRXQXOetgbbdCtBsd5PLRqMWcdCsJcaOsBPtzmj%2BfQoDiRvHzvgBDOZU1Tl1qvBPg%2BQ4SomKWUJioW6XVJKUCml8efhpvFbNS218MSQviTEz9vVuT5%2Fg2rFD0w2NX19nRkLFAZ%2BQOS5TqeSSZESRrJD3Kik5lpTln8by0SFWRhKK1ZxCuIhKwBJVcMo4hVhzHEvGtUjmX2b3sU6iOYdoNywtoZSolJLlCuc0Oy2mJ38SwD8EKHM6ZxxQfwLp1YiXOF%2BAmCmNr0EKzsrFUqVsQWMtBnCBSsbSRo5aTGT7tn2IOTRIXNP8WN3LojoWcqxj%2BE0RDj3%2BDOiHPfAGCyVkDyZcTKVzHGQhX8c63iDdkPS9oeAsKpcqE6S7lISrMk%2FgiKNEsTz9jI3r2H1TcTJndyrjsbqhgkY07bwBGh4U14LU%2Fz3rTfIRMse%2Bpgx32aG9CmfFMW7fvtQaLEDhAIPaheAK2jDBnOZ6A83LND2gCsJjksvODCCLxMf4g5GtCWG37%2F44V12M3o1aAx%2BMH%2FUGcsPRHk5X36qmqdv%2F4fJx3TSP26p9gu%2F%2Fbtv1j%2B1mXzXahYmsAG5UT9Xzfv1ax9vNDiRY7bct3P2%2BfarbDR5%2BgxvP292%2BbuOq3b7s6uYY935r971q92q%2Fbmrj68ecuIxUhPO860CKF%2BKilu%2BwZQQ%2BPH7WsS0XnUmRFUqQPFERwfHEudMMCHmme95dERjsNtczP1he4Nn%2BzHZhEbpwCoLAmiHXsYJgZqPQRd3JNX1vZnswF2hmm7ZlmuMjyAw9D%2BC%2BGZqWrhJy%2FdHqwIDkikWC8Alzo95Uj02t0%2FDssJ%2B%2BOb0jyeAWxUk3aJcF8IKwzxmzrOBEiL4vKsOazzWLosDzrDGdguW6gCEvOJMsZulZlGNaQ6rO0EsyjmFMYEOLW71Qa7KY%2FDd6KoMpXBK6WEqVy8vD6LgofC9UJNcqxfeslLAO8zldnE8IZurfS5IIqchdobqV2KO6LVB0%2B1RLDb9JDuz1XeC7Qc84w1yOxv9opR4m5%2Bqx2mzq9mqcLPVq63QQCsM3OhHjnYLyvoDlRKSki1wfp9W%2BmcD9AZ7BWqF9NZf1Q9C1IwJ%2Fl6TUabf1qmpWuqXC0OnT3NJkQaT6BxRLyN0nPrSDPtMgkijB%2BPeKJiovs0iv09TfPG4IIzw700nHs%2FoWFEx07x5waErik38DUM%2FVerXdXOmKo27PfFAWmD3C%2FZLQt7nlnsneGWY6yY4X%2BJMOu6bVbbFfvwHEWsqU&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=kb094GLO1XlAbBNGlUwZSTk6433%2FOA0p1ZW%2BPTurjAyJOmOdqbHunGOGe9UGrfk0NQ6WP72oTcZnS5EAbJ%2BN8yhnyhw%3D&grab-orig-len=2048&grab=dNCd0L7QstC-0YHRgtC4INCg0L7RgdGB0LjQuCDQuCDQvNC40YDQsCDigJMg0KPRgtGA0L4u0YDRgyDigJMg0L_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4INC90LAg0YHQtdCz0L7QtNC90Y8KMSAi0J3QuNC60LDQutC40YUg0L_RgNC-0LHQu9C10LwiOiDQvtGC0LXQu9GMINCyINCl0YPRgNCz0LDQtNC1INC_0YDQuNC90LjQvNCw0LXRgiDRgtGD0YDQuNGB0YLQvtCyINC_0L7RgdC70LUg0LzQsNGB0YHQvtCy0L7Qs9C-INC-0YLRgNCw0LLQu9C10L3QuNGPINGA0L7RgdGB0LjRj9C9IAoy0KDQtdC60L7QvNC10L3QtNGD0LXQvCAKMtCd0L7QstC-0YHRgtC4INCj0LrRgNCw0LjQvdGLIAoy0KjQvtGDLdCx0LjQt9C90LXRgSAKMtCQ0YDQvNC40Y8gCjLQndC-0LLQvtGB0YLQuCDQv9Cw0YDRgtC90LXRgNC-0LIgCjLQvdC-0LLQvtGB0YLQvdCw0Y8g0LvQtdC90YLQsCAKMtCy0YvQsdC-0YAg0YDQtdC00LDQutGG0LjQuCAKMtCd0L7QstC-0YHRgtC4INC_0LDRgNGC0L3QtdGA0L7QsiAKMtCc0L7Qu9C00LDQstC40Y8g0LLRi9GC0L7RgNCz0L7QstCw0LvQsCDRgyDQoNC-0YHRgdC40Lgg0YHQutC40LTQutGDINC90LAg0LPQsNC3IAoy0KDQsNC00L7QstCw0YLRjNGB0Y8g0L3QtdGH0LXQvNGDOiDQp9GD0LHQsNC50YEg0L_RgNC10LTRgNC10Log0KDQvtGB0YHQuNC4INC_0YDQvtCx0LvQtdC80Ysg0LjQty3Qt9CwINCy0YvRgdC-0LrQuNGFINGG0LXQvSDQvdCwINCz0LDQtyDQsiDQldCy0YDQvtC_0LUgCjLQntCx0LLQuNC90LXQvdC40Y8g0LPRgNCw0L3QuNGH0LDRgiDRgSDQsdGA0LXQtNC-0Lw6INC_0L7RgdC-0Lsg0KDQvtGB0YHQuNC4INC_0L7RgdGC0LDQstC40Lsg0L3QsCDQvNC10YHRgtC-INC30LDQv9Cw0LTQvdGL0YUg0LrRgNC40YLQuNC60L7QsiAKM9CQ0LzQtdGA0LjQutCw0L3RgdC60LjQuSDQsNC00LzQuNGA0LDQuyDQvtGG0LXQvdC40Lsg0LDQv9C_0LXRgtC40YIg0J_Rg9GC0LjQvdCwINC6INGA0LjRgdC60YMgCjPQodGC0LDRgtC40YHRgtC40LrQsCDQv9C-INC60L7QstC40LTRgyDQsiDQoNC-0YHRgdC40Lgg0L3QsCAzMSDQvtC60YLRj9Cx0YDRjyAKM9CSINC_0Y_RgtC40LfQstC10LfQtNC-0YfQvdC-0Lwg0L7RgtC10LvQtSDQvdCwINC10LPQuNC_0LXRgtGB0LrQvtC8INC60YPRgNC-0YDRgtC1INC-0YLRgNCw0LLQuNC70LjRgdGMIDQwINGA0L7RgdGB0LjRj9C9OiDQv9C-0LTRgNC-0LHQvdC-0YHRgtC4IAoz0J_Rg9GC0LjQvSDQstGL0YHRgtGD0L_QuNC7INC90LAgRzIwOiDQv9GA0LXQt9C40LTQtdC90YIg0L7QsdGA0LDRgtC40LvRgdGPINC6INGB0YLRgNCw0L3QsNC8INGBINC_0YDQuNC30YvQstC-0LwgCjPQkdC-0LvRjNGI0LDRjyDQvtGI0LjQsdC60LA6INCR0L7Qu9GC0L7QvSDQv9GA0LXQtNC-0YHRgtC10YDQtdCzINCg0L7RgdGB0LjRjiDQvtGCINGB0L7RjtC30LAg0YEg0JrQuNGC0LDQtdC8IAoz0JrRg9GA0YEg0YDRg9Cx0LvRjyAKM9Ck0L7RgtC-0YDQtdC_0L7RgNGC0LDQtiAKM9Ca0L7RgNC-0L3QsNCy0LjRgNGD0YEg0LIg0KDQvtGB0YHQuNC4

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

5e0b7c453b04e673927ed500a74bf8bf65cce224130a0a0cd14735bd429e5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1635674737494059-854817228857712388200294-production-app-host-man-pcode-21
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ytro.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/275069/getBulk/ 11 KB
4 KB 221ms
220ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/275069/getBulk/v2?dl=https%3A%2F%2Fytro.news%2F&date=2021-10-31T10%3A05%3A37.471%2B00%3A00&pd=31&pdh=1200&pdw=1600&pr1=3514353411&pr=411532975&prr=&pv=10&pw=0&extid_loader=&extid_tag_loader=ytro.news&ylv=0.46952&ybv=0.46952&ytt=479387069843477&is-turbo=0&skip-token=&ad-session-id=5608221635674737200&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1350%2C%22h%22%3A0%2C%22width%22%3A1350%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A125%2C%22top%22%3A4851%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A6%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=46952&availableWidth=1350&availableHeight=0&pp=i&ps=cxhg&p2=gatq&slotNumber=8&bids=W3siY2FtcGFpZ25faWQiOjgyNjg3NSwicmVzcG9uc2VfdGltZSI6ODcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxNTE0OTk2In0seyJjYW1wYWlnbl9pZCI6ODI2ODc3LCJyZXNwb25zZV90aW1lIjoyODUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIzODcxMzg0In0seyJjYW1wYWlnbl9pZCI6ODI2ODc2LCJyZXNwb25zZV90aW1lIjozNjcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI3NzQ5MDIifSx7ImNhbXBhaWduX2lkIjoxMTM2NTI4LCJyZXNwb25zZV90aW1lIjo3MCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IlduNnQ1Z0NZbWZNcGVNR2NoVGdxIn0seyJjYW1wYWlnbl9pZCI6MTUzMzc3NCwicmVzcG9uc2VfdGltZSI6NjksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIzMDA5In1d&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C67%3B443399%2C0%2C95%3B443799%2C0%2C37%3B443440%2C0%2C94%3B439949%2C0%2C61%3B436280%2C0%2C20%3B444595%2C0%2C85%3B434215%2C0%2C96%3B444618%2C0%2C64%3B445012%2C0%2C36%3B204304%2C0%2C43&pcode-flags-map=eJyNVttuo0gQ%2FReenRXQXOetgbbdCtBsd5PLRqMWcdCsJcaOsBPtzmj%2BfQoDiRvHzvgBDOZU1Tl1qvBPg%2BQ4SomKWUJioW6XVJKUCml8efhpvFbNS218MSQviTEz9vVuT5%2Fg2rFD0w2NX19nRkLFAZ%2BQOS5TqeSSZESRrJD3Kik5lpTln8by0SFWRhKK1ZxCuIhKwBJVcMo4hVhzHEvGtUjmX2b3sU6iOYdoNywtoZSolJLlCuc0Oy2mJ38SwD8EKHM6ZxxQfwLp1YiXOF%2BAmCmNr0EKzsrFUqVsQWMtBnCBSsbSRo5aTGT7tn2IOTRIXNP8WN3LojoWcqxj%2BE0RDj3%2BDOiHPfAGCyVkDyZcTKVzHGQhX8c63iDdkPS9oeAsKpcqE6S7lISrMk%2FgiKNEsTz9jI3r2H1TcTJndyrjsbqhgkY07bwBGh4U14LU%2Fz3rTfIRMse%2Bpgx32aG9CmfFMW7fvtQaLEDhAIPaheAK2jDBnOZ6A83LND2gCsJjksvODCCLxMf4g5GtCWG37%2F44V12M3o1aAx%2BMH%2FUGcsPRHk5X36qmqdv%2F4fJx3TSP26p9gu%2F%2Fbtv1j%2B1mXzXahYmsAG5UT9Xzfv1ax9vNDiRY7bct3P2%2BfarbDR5%2BgxvP292%2BbuOq3b7s6uYY935r971q92q%2Fbmrj68ecuIxUhPO860CKF%2BKilu%2BwZQQ%2BPH7WsS0XnUmRFUqQPFERwfHEudMMCHmme95dERjsNtczP1he4Nn%2BzHZhEbpwCoLAmiHXsYJgZqPQRd3JNX1vZnswF2hmm7ZlmuMjyAw9D%2BC%2BGZqWrhJy%2FdHqwIDkikWC8Alzo95Uj02t0%2FDssJ%2B%2BOb0jyeAWxUk3aJcF8IKwzxmzrOBEiL4vKsOazzWLosDzrDGdguW6gCEvOJMsZulZlGNaQ6rO0EsyjmFMYEOLW71Qa7KY%2FDd6KoMpXBK6WEqVy8vD6LgofC9UJNcqxfeslLAO8zldnE8IZurfS5IIqchdobqV2KO6LVB0%2B1RLDb9JDuz1XeC7Qc84w1yOxv9opR4m5%2Bqx2mzq9mqcLPVq63QQCsM3OhHjnYLyvoDlRKSki1wfp9W%2BmcD9AZ7BWqF9NZf1Q9C1IwJ%2Fl6TUabf1qmpWuqXC0OnT3NJkQaT6BxRLyN0nPrSDPtMgkijB%2BPeKJiovs0iv09TfPG4IIzw700nHs%2FoWFEx07x5waErik38DUM%2FVerXdXOmKo27PfFAWmD3C%2FZLQt7nlnsneGWY6yY4X%2BJMOu6bVbbFfvwHEWsqU&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=kb094GLO1XlAbBNGlUwZSTk6433%2FOA0p1ZW%2BPTurjAyJOmOdqbHunGOGe9UGrfk0NQ6WP72oTcZnS5EAbJ%2BN8yhnyhw%3D&grab-orig-len=2048&grab=dNCd0L7QstC-0YHRgtC4INCg0L7RgdGB0LjQuCDQuCDQvNC40YDQsCDigJMg0KPRgtGA0L4u0YDRgyDigJMg0L_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4INC90LAg0YHQtdCz0L7QtNC90Y8KMSAi0J3QuNC60LDQutC40YUg0L_RgNC-0LHQu9C10LwiOiDQvtGC0LXQu9GMINCyINCl0YPRgNCz0LDQtNC1INC_0YDQuNC90LjQvNCw0LXRgiDRgtGD0YDQuNGB0YLQvtCyINC_0L7RgdC70LUg0LzQsNGB0YHQvtCy0L7Qs9C-INC-0YLRgNCw0LLQu9C10L3QuNGPINGA0L7RgdGB0LjRj9C9IAoy0KDQtdC60L7QvNC10L3QtNGD0LXQvCAKMtCd0L7QstC-0YHRgtC4INCj0LrRgNCw0LjQvdGLIAoy0KjQvtGDLdCx0LjQt9C90LXRgSAKMtCQ0YDQvNC40Y8gCjLQndC-0LLQvtGB0YLQuCDQv9Cw0YDRgtC90LXRgNC-0LIgCjLQvdC-0LLQvtGB0YLQvdCw0Y8g0LvQtdC90YLQsCAKMtCy0YvQsdC-0YAg0YDQtdC00LDQutGG0LjQuCAKMtCd0L7QstC-0YHRgtC4INC_0LDRgNGC0L3QtdGA0L7QsiAKMtCc0L7Qu9C00LDQstC40Y8g0LLRi9GC0L7RgNCz0L7QstCw0LvQsCDRgyDQoNC-0YHRgdC40Lgg0YHQutC40LTQutGDINC90LAg0LPQsNC3IAoy0KDQsNC00L7QstCw0YLRjNGB0Y8g0L3QtdGH0LXQvNGDOiDQp9GD0LHQsNC50YEg0L_RgNC10LTRgNC10Log0KDQvtGB0YHQuNC4INC_0YDQvtCx0LvQtdC80Ysg0LjQty3Qt9CwINCy0YvRgdC-0LrQuNGFINGG0LXQvSDQvdCwINCz0LDQtyDQsiDQldCy0YDQvtC_0LUgCjLQntCx0LLQuNC90LXQvdC40Y8g0LPRgNCw0L3QuNGH0LDRgiDRgSDQsdGA0LXQtNC-0Lw6INC_0L7RgdC-0Lsg0KDQvtGB0YHQuNC4INC_0L7RgdGC0LDQstC40Lsg0L3QsCDQvNC10YHRgtC-INC30LDQv9Cw0LTQvdGL0YUg0LrRgNC40YLQuNC60L7QsiAKM9CQ0LzQtdGA0LjQutCw0L3RgdC60LjQuSDQsNC00LzQuNGA0LDQuyDQvtGG0LXQvdC40Lsg0LDQv9C_0LXRgtC40YIg0J_Rg9GC0LjQvdCwINC6INGA0LjRgdC60YMgCjPQodGC0LDRgtC40YHRgtC40LrQsCDQv9C-INC60L7QstC40LTRgyDQsiDQoNC-0YHRgdC40Lgg0L3QsCAzMSDQvtC60YLRj9Cx0YDRjyAKM9CSINC_0Y_RgtC40LfQstC10LfQtNC-0YfQvdC-0Lwg0L7RgtC10LvQtSDQvdCwINC10LPQuNC_0LXRgtGB0LrQvtC8INC60YPRgNC-0YDRgtC1INC-0YLRgNCw0LLQuNC70LjRgdGMIDQwINGA0L7RgdGB0LjRj9C9OiDQv9C-0LTRgNC-0LHQvdC-0YHRgtC4IAoz0J_Rg9GC0LjQvSDQstGL0YHRgtGD0L_QuNC7INC90LAgRzIwOiDQv9GA0LXQt9C40LTQtdC90YIg0L7QsdGA0LDRgtC40LvRgdGPINC6INGB0YLRgNCw0L3QsNC8INGBINC_0YDQuNC30YvQstC-0LwgCjPQkdC-0LvRjNGI0LDRjyDQvtGI0LjQsdC60LA6INCR0L7Qu9GC0L7QvSDQv9GA0LXQtNC-0YHRgtC10YDQtdCzINCg0L7RgdGB0LjRjiDQvtGCINGB0L7RjtC30LAg0YEg0JrQuNGC0LDQtdC8IAoz0JrRg9GA0YEg0YDRg9Cx0LvRjyAKM9Ck0L7RgtC-0YDQtdC_0L7RgNGC0LDQtiAKM9Ca0L7RgNC-0L3QsNCy0LjRgNGD0YEg0LIg0KDQvtGB0YHQuNC4

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8f53a9e2852de066a9358158b51996c3ed94462a33618f406e65d35733150fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1635674737497926-1201582620321505863200293-production-app-host-man-pcode-30
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ytro.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/275069/getBulk/ 11 KB
4 KB 226ms
226ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/275069/getBulk/v2?dl=https%3A%2F%2Fytro.news%2F&date=2021-10-31T10%3A05%3A37.474%2B00%3A00&pd=31&pdh=1200&pdw=1600&pr1=36444104&pr=411532975&prr=&pv=10&pw=0&extid_loader=&extid_tag_loader=ytro.news&ylv=0.46952&ybv=0.46952&ytt=479387069843477&is-turbo=0&skip-token=&ad-session-id=5608221635674737200&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1350%2C%22h%22%3A0%2C%22width%22%3A1350%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A125%2C%22top%22%3A3839%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A7%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=46952&availableWidth=1350&availableHeight=0&pp=h&ps=cxhg&p2=gatp&slotNumber=7&bids=W3siY2FtcGFpZ25faWQiOjgyNjg3NSwicmVzcG9uc2VfdGltZSI6ODcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjkwMTc5In0seyJjYW1wYWlnbl9pZCI6ODI2ODc3LCJyZXNwb25zZV90aW1lIjoyODUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNTM0Nzg0In0seyJjYW1wYWlnbl9pZCI6ODI2ODc2LCJyZXNwb25zZV90aW1lIjozNjcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNDY5MTkifSx7ImNhbXBhaWduX2lkIjoxMTM2NTI4LCJyZXNwb25zZV90aW1lIjo3MCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6Ilh4R1BHS292RE9WMFpHNUtBT3BDIn0seyJjYW1wYWlnbl9pZCI6MTUzMzc3NCwicmVzcG9uc2VfdGltZSI6NjksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjU2In1d&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C67%3B443399%2C0%2C95%3B443799%2C0%2C37%3B443440%2C0%2C94%3B439949%2C0%2C61%3B436280%2C0%2C20%3B444595%2C0%2C85%3B434215%2C0%2C96%3B444618%2C0%2C64%3B445012%2C0%2C36%3B204304%2C0%2C43&pcode-flags-map=eJyNVttuo0gQ%2FReenRXQXOetgbbdCtBsd5PLRqMWcdCsJcaOsBPtzmj%2BfQoDiRvHzvgBDOZU1Tl1qvBPg%2BQ4SomKWUJioW6XVJKUCml8efhpvFbNS218MSQviTEz9vVuT5%2Fg2rFD0w2NX19nRkLFAZ%2BQOS5TqeSSZESRrJD3Kik5lpTln8by0SFWRhKK1ZxCuIhKwBJVcMo4hVhzHEvGtUjmX2b3sU6iOYdoNywtoZSolJLlCuc0Oy2mJ38SwD8EKHM6ZxxQfwLp1YiXOF%2BAmCmNr0EKzsrFUqVsQWMtBnCBSsbSRo5aTGT7tn2IOTRIXNP8WN3LojoWcqxj%2BE0RDj3%2BDOiHPfAGCyVkDyZcTKVzHGQhX8c63iDdkPS9oeAsKpcqE6S7lISrMk%2FgiKNEsTz9jI3r2H1TcTJndyrjsbqhgkY07bwBGh4U14LU%2Fz3rTfIRMse%2Bpgx32aG9CmfFMW7fvtQaLEDhAIPaheAK2jDBnOZ6A83LND2gCsJjksvODCCLxMf4g5GtCWG37%2F44V12M3o1aAx%2BMH%2FUGcsPRHk5X36qmqdv%2F4fJx3TSP26p9gu%2F%2Fbtv1j%2B1mXzXahYmsAG5UT9Xzfv1ax9vNDiRY7bct3P2%2BfarbDR5%2BgxvP292%2BbuOq3b7s6uYY935r971q92q%2Fbmrj68ecuIxUhPO860CKF%2BKilu%2BwZQQ%2BPH7WsS0XnUmRFUqQPFERwfHEudMMCHmme95dERjsNtczP1he4Nn%2BzHZhEbpwCoLAmiHXsYJgZqPQRd3JNX1vZnswF2hmm7ZlmuMjyAw9D%2BC%2BGZqWrhJy%2FdHqwIDkikWC8Alzo95Uj02t0%2FDssJ%2B%2BOb0jyeAWxUk3aJcF8IKwzxmzrOBEiL4vKsOazzWLosDzrDGdguW6gCEvOJMsZulZlGNaQ6rO0EsyjmFMYEOLW71Qa7KY%2FDd6KoMpXBK6WEqVy8vD6LgofC9UJNcqxfeslLAO8zldnE8IZurfS5IIqchdobqV2KO6LVB0%2B1RLDb9JDuz1XeC7Qc84w1yOxv9opR4m5%2Bqx2mzq9mqcLPVq63QQCsM3OhHjnYLyvoDlRKSki1wfp9W%2BmcD9AZ7BWqF9NZf1Q9C1IwJ%2Fl6TUabf1qmpWuqXC0OnT3NJkQaT6BxRLyN0nPrSDPtMgkijB%2BPeKJiovs0iv09TfPG4IIzw700nHs%2FoWFEx07x5waErik38DUM%2FVerXdXOmKo27PfFAWmD3C%2FZLQt7nlnsneGWY6yY4X%2BJMOu6bVbbFfvwHEWsqU&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=kb094GLO1XlAbBNGlUwZSTk6433%2FOA0p1ZW%2BPTurjAyJOmOdqbHunGOGe9UGrfk0NQ6WP72oTcZnS5EAbJ%2BN8yhnyhw%3D&grab-orig-len=2048&grab=dNCd0L7QstC-0YHRgtC4INCg0L7RgdGB0LjQuCDQuCDQvNC40YDQsCDigJMg0KPRgtGA0L4u0YDRgyDigJMg0L_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4INC90LAg0YHQtdCz0L7QtNC90Y8KMSAi0J3QuNC60LDQutC40YUg0L_RgNC-0LHQu9C10LwiOiDQvtGC0LXQu9GMINCyINCl0YPRgNCz0LDQtNC1INC_0YDQuNC90LjQvNCw0LXRgiDRgtGD0YDQuNGB0YLQvtCyINC_0L7RgdC70LUg0LzQsNGB0YHQvtCy0L7Qs9C-INC-0YLRgNCw0LLQu9C10L3QuNGPINGA0L7RgdGB0LjRj9C9IAoy0KDQtdC60L7QvNC10L3QtNGD0LXQvCAKMtCd0L7QstC-0YHRgtC4INCj0LrRgNCw0LjQvdGLIAoy0KjQvtGDLdCx0LjQt9C90LXRgSAKMtCQ0YDQvNC40Y8gCjLQndC-0LLQvtGB0YLQuCDQv9Cw0YDRgtC90LXRgNC-0LIgCjLQvdC-0LLQvtGB0YLQvdCw0Y8g0LvQtdC90YLQsCAKMtCy0YvQsdC-0YAg0YDQtdC00LDQutGG0LjQuCAKMtCd0L7QstC-0YHRgtC4INC_0LDRgNGC0L3QtdGA0L7QsiAKMtCc0L7Qu9C00LDQstC40Y8g0LLRi9GC0L7RgNCz0L7QstCw0LvQsCDRgyDQoNC-0YHRgdC40Lgg0YHQutC40LTQutGDINC90LAg0LPQsNC3IAoy0KDQsNC00L7QstCw0YLRjNGB0Y8g0L3QtdGH0LXQvNGDOiDQp9GD0LHQsNC50YEg0L_RgNC10LTRgNC10Log0KDQvtGB0YHQuNC4INC_0YDQvtCx0LvQtdC80Ysg0LjQty3Qt9CwINCy0YvRgdC-0LrQuNGFINGG0LXQvSDQvdCwINCz0LDQtyDQsiDQldCy0YDQvtC_0LUgCjLQntCx0LLQuNC90LXQvdC40Y8g0LPRgNCw0L3QuNGH0LDRgiDRgSDQsdGA0LXQtNC-0Lw6INC_0L7RgdC-0Lsg0KDQvtGB0YHQuNC4INC_0L7RgdGC0LDQstC40Lsg0L3QsCDQvNC10YHRgtC-INC30LDQv9Cw0LTQvdGL0YUg0LrRgNC40YLQuNC60L7QsiAKM9CQ0LzQtdGA0LjQutCw0L3RgdC60LjQuSDQsNC00LzQuNGA0LDQuyDQvtGG0LXQvdC40Lsg0LDQv9C_0LXRgtC40YIg0J_Rg9GC0LjQvdCwINC6INGA0LjRgdC60YMgCjPQodGC0LDRgtC40YHRgtC40LrQsCDQv9C-INC60L7QstC40LTRgyDQsiDQoNC-0YHRgdC40Lgg0L3QsCAzMSDQvtC60YLRj9Cx0YDRjyAKM9CSINC_0Y_RgtC40LfQstC10LfQtNC-0YfQvdC-0Lwg0L7RgtC10LvQtSDQvdCwINC10LPQuNC_0LXRgtGB0LrQvtC8INC60YPRgNC-0YDRgtC1INC-0YLRgNCw0LLQuNC70LjRgdGMIDQwINGA0L7RgdGB0LjRj9C9OiDQv9C-0LTRgNC-0LHQvdC-0YHRgtC4IAoz0J_Rg9GC0LjQvSDQstGL0YHRgtGD0L_QuNC7INC90LAgRzIwOiDQv9GA0LXQt9C40LTQtdC90YIg0L7QsdGA0LDRgtC40LvRgdGPINC6INGB0YLRgNCw0L3QsNC8INGBINC_0YDQuNC30YvQstC-0LwgCjPQkdC-0LvRjNGI0LDRjyDQvtGI0LjQsdC60LA6INCR0L7Qu9GC0L7QvSDQv9GA0LXQtNC-0YHRgtC10YDQtdCzINCg0L7RgdGB0LjRjiDQvtGCINGB0L7RjtC30LAg0YEg0JrQuNGC0LDQtdC8IAoz0JrRg9GA0YEg0YDRg9Cx0LvRjyAKM9Ck0L7RgtC-0YDQtdC_0L7RgNGC0LDQtiAKM9Ca0L7RgNC-0L3QsNCy0LjRgNGD0YEg0LIg0KDQvtGB0YHQuNC4

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f65c544a980388b766cb84f13a54580cf56b72efe5a11a466808d336ec74da85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1635674737512762-1142694130719390349900324-production-app-host-vla-pcode-130
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ytro.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/275069/getBulk/ 11 KB
4 KB 245ms
245ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/275069/getBulk/v2?dl=https%3A%2F%2Fytro.news%2F&date=2021-10-31T10%3A05%3A37.477%2B00%3A00&pd=31&pdh=1200&pdw=1600&pr1=2988085098&pr=411532975&prr=&pv=10&pw=0&extid_loader=&extid_tag_loader=ytro.news&ylv=0.46952&ybv=0.46952&ytt=479387069843477&is-turbo=0&skip-token=&ad-session-id=5608221635674737200&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A480%2C%22top%22%3A861%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A8%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=46952&availableWidth=240&availableHeight=400&pp=g&ps=cxhg&p2=gatl&slotNumber=3&bids=W3siY2FtcGFpZ25faWQiOjgyNjg3NSwicmVzcG9uc2VfdGltZSI6ODcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjk3OTkzIn0seyJjYW1wYWlnbl9pZCI6ODI2ODc2LCJyZXNwb25zZV90aW1lIjozNjcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNDY5NDkifSx7ImNhbXBhaWduX2lkIjoxMTM2NTI4LCJyZXNwb25zZV90aW1lIjo3MCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IkFGZHYzcmpGUmhPQUJBNXpmZEFIIn0seyJjYW1wYWlnbl9pZCI6MTUzMzc3NCwicmVzcG9uc2VfdGltZSI6NjksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjU3In1d&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C67%3B443399%2C0%2C95%3B443799%2C0%2C37%3B443440%2C0%2C94%3B439949%2C0%2C61%3B436280%2C0%2C20%3B444595%2C0%2C85%3B434215%2C0%2C96%3B444618%2C0%2C64%3B445012%2C0%2C36%3B204304%2C0%2C43&pcode-flags-map=eJyNVttuo0gQ%2FReenRXQXOetgbbdCtBsd5PLRqMWcdCsJcaOsBPtzmj%2BfQoDiRvHzvgBDOZU1Tl1qvBPg%2BQ4SomKWUJioW6XVJKUCml8efhpvFbNS218MSQviTEz9vVuT5%2Fg2rFD0w2NX19nRkLFAZ%2BQOS5TqeSSZESRrJD3Kik5lpTln8by0SFWRhKK1ZxCuIhKwBJVcMo4hVhzHEvGtUjmX2b3sU6iOYdoNywtoZSolJLlCuc0Oy2mJ38SwD8EKHM6ZxxQfwLp1YiXOF%2BAmCmNr0EKzsrFUqVsQWMtBnCBSsbSRo5aTGT7tn2IOTRIXNP8WN3LojoWcqxj%2BE0RDj3%2BDOiHPfAGCyVkDyZcTKVzHGQhX8c63iDdkPS9oeAsKpcqE6S7lISrMk%2FgiKNEsTz9jI3r2H1TcTJndyrjsbqhgkY07bwBGh4U14LU%2Fz3rTfIRMse%2Bpgx32aG9CmfFMW7fvtQaLEDhAIPaheAK2jDBnOZ6A83LND2gCsJjksvODCCLxMf4g5GtCWG37%2F44V12M3o1aAx%2BMH%2FUGcsPRHk5X36qmqdv%2F4fJx3TSP26p9gu%2F%2Fbtv1j%2B1mXzXahYmsAG5UT9Xzfv1ax9vNDiRY7bct3P2%2BfarbDR5%2BgxvP292%2BbuOq3b7s6uYY935r971q92q%2Fbmrj68ecuIxUhPO860CKF%2BKilu%2BwZQQ%2BPH7WsS0XnUmRFUqQPFERwfHEudMMCHmme95dERjsNtczP1he4Nn%2BzHZhEbpwCoLAmiHXsYJgZqPQRd3JNX1vZnswF2hmm7ZlmuMjyAw9D%2BC%2BGZqWrhJy%2FdHqwIDkikWC8Alzo95Uj02t0%2FDssJ%2B%2BOb0jyeAWxUk3aJcF8IKwzxmzrOBEiL4vKsOazzWLosDzrDGdguW6gCEvOJMsZulZlGNaQ6rO0EsyjmFMYEOLW71Qa7KY%2FDd6KoMpXBK6WEqVy8vD6LgofC9UJNcqxfeslLAO8zldnE8IZurfS5IIqchdobqV2KO6LVB0%2B1RLDb9JDuz1XeC7Qc84w1yOxv9opR4m5%2Bqx2mzq9mqcLPVq63QQCsM3OhHjnYLyvoDlRKSki1wfp9W%2BmcD9AZ7BWqF9NZf1Q9C1IwJ%2Fl6TUabf1qmpWuqXC0OnT3NJkQaT6BxRLyN0nPrSDPtMgkijB%2BPeKJiovs0iv09TfPG4IIzw700nHs%2FoWFEx07x5waErik38DUM%2FVerXdXOmKo27PfFAWmD3C%2FZLQt7nlnsneGWY6yY4X%2BJMOu6bVbbFfvwHEWsqU&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=kb094GLO1XlAbBNGlUwZSTk6433%2FOA0p1ZW%2BPTurjAyJOmOdqbHunGOGe9UGrfk0NQ6WP72oTcZnS5EAbJ%2BN8yhnyhw%3D&grab-orig-len=2048&grab=dNCd0L7QstC-0YHRgtC4INCg0L7RgdGB0LjQuCDQuCDQvNC40YDQsCDigJMg0KPRgtGA0L4u0YDRgyDigJMg0L_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4INC90LAg0YHQtdCz0L7QtNC90Y8KMSAi0J3QuNC60LDQutC40YUg0L_RgNC-0LHQu9C10LwiOiDQvtGC0LXQu9GMINCyINCl0YPRgNCz0LDQtNC1INC_0YDQuNC90LjQvNCw0LXRgiDRgtGD0YDQuNGB0YLQvtCyINC_0L7RgdC70LUg0LzQsNGB0YHQvtCy0L7Qs9C-INC-0YLRgNCw0LLQu9C10L3QuNGPINGA0L7RgdGB0LjRj9C9IAoy0KDQtdC60L7QvNC10L3QtNGD0LXQvCAKMtCd0L7QstC-0YHRgtC4INCj0LrRgNCw0LjQvdGLIAoy0KjQvtGDLdCx0LjQt9C90LXRgSAKMtCQ0YDQvNC40Y8gCjLQndC-0LLQvtGB0YLQuCDQv9Cw0YDRgtC90LXRgNC-0LIgCjLQvdC-0LLQvtGB0YLQvdCw0Y8g0LvQtdC90YLQsCAKMtCy0YvQsdC-0YAg0YDQtdC00LDQutGG0LjQuCAKMtCd0L7QstC-0YHRgtC4INC_0LDRgNGC0L3QtdGA0L7QsiAKMtCc0L7Qu9C00LDQstC40Y8g0LLRi9GC0L7RgNCz0L7QstCw0LvQsCDRgyDQoNC-0YHRgdC40Lgg0YHQutC40LTQutGDINC90LAg0LPQsNC3IAoy0KDQsNC00L7QstCw0YLRjNGB0Y8g0L3QtdGH0LXQvNGDOiDQp9GD0LHQsNC50YEg0L_RgNC10LTRgNC10Log0KDQvtGB0YHQuNC4INC_0YDQvtCx0LvQtdC80Ysg0LjQty3Qt9CwINCy0YvRgdC-0LrQuNGFINGG0LXQvSDQvdCwINCz0LDQtyDQsiDQldCy0YDQvtC_0LUgCjLQntCx0LLQuNC90LXQvdC40Y8g0LPRgNCw0L3QuNGH0LDRgiDRgSDQsdGA0LXQtNC-0Lw6INC_0L7RgdC-0Lsg0KDQvtGB0YHQuNC4INC_0L7RgdGC0LDQstC40Lsg0L3QsCDQvNC10YHRgtC-INC30LDQv9Cw0LTQvdGL0YUg0LrRgNC40YLQuNC60L7QsiAKM9CQ0LzQtdGA0LjQutCw0L3RgdC60LjQuSDQsNC00LzQuNGA0LDQuyDQvtGG0LXQvdC40Lsg0LDQv9C_0LXRgtC40YIg0J_Rg9GC0LjQvdCwINC6INGA0LjRgdC60YMgCjPQodGC0LDRgtC40YHRgtC40LrQsCDQv9C-INC60L7QstC40LTRgyDQsiDQoNC-0YHRgdC40Lgg0L3QsCAzMSDQvtC60YLRj9Cx0YDRjyAKM9CSINC_0Y_RgtC40LfQstC10LfQtNC-0YfQvdC-0Lwg0L7RgtC10LvQtSDQvdCwINC10LPQuNC_0LXRgtGB0LrQvtC8INC60YPRgNC-0YDRgtC1INC-0YLRgNCw0LLQuNC70LjRgdGMIDQwINGA0L7RgdGB0LjRj9C9OiDQv9C-0LTRgNC-0LHQvdC-0YHRgtC4IAoz0J_Rg9GC0LjQvSDQstGL0YHRgtGD0L_QuNC7INC90LAgRzIwOiDQv9GA0LXQt9C40LTQtdC90YIg0L7QsdGA0LDRgtC40LvRgdGPINC6INGB0YLRgNCw0L3QsNC8INGBINC_0YDQuNC30YvQstC-0LwgCjPQkdC-0LvRjNGI0LDRjyDQvtGI0LjQsdC60LA6INCR0L7Qu9GC0L7QvSDQv9GA0LXQtNC-0YHRgtC10YDQtdCzINCg0L7RgdGB0LjRjiDQvtGCINGB0L7RjtC30LAg0YEg0JrQuNGC0LDQtdC8IAoz0JrRg9GA0YEg0YDRg9Cx0LvRjyAKM9Ck0L7RgtC-0YDQtdC_0L7RgNGC0LDQtiAKM9Ca0L7RgNC-0L3QsNCy0LjRgNGD0YEg0LIg0KDQvtGB0YHQuNC4

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

dbbe201258451c1aeb5a0e68c4c9344e6f177afd31c1adf6475e21ce879784aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1635674737514618-1705254018049905085500293-production-app-host-vla-pcode-106
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ytro.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 vendor.70a5e16820b6b0a388e3.js Show response
relap.io/v7/ Frame CFE2 373 KB
98 KB 61ms
60ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js

Requested by

Host: relap.io
URL: https://relap.io/v7/app_index.0afa1420a983127a9cba.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

4efc7bae0f267c675c4cce712fd7b6dd7d69528899330340228259013376ba64

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:26:47 GMT
server: nginx
etag: "617bda77-18678"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
content-length: 99960
expires: Tue, 30 Nov 2021 10:05:37 GMT

GET
H2 200 common_core.46c6dcb596f864676ef5.js Show response
relap.io/v7/ Frame CFE2 251 KB
55 KB 170ms
170ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/common_core.46c6dcb596f864676ef5.js

Requested by

Host: relap.io
URL: https://relap.io/v7/app_index.0afa1420a983127a9cba.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b4d1ab4c1f7308baaae72c73033a019b74f3b82c49460288847a0f62effb4f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:26:47 GMT
server: nginx
etag: "617bda77-dc59"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
content-length: 56409
expires: Tue, 30 Nov 2021 10:05:37 GMT

GET
H2 200 app.0d2d13be6865a9a3940d.js Show response
relap.io/v7/ Frame CFE2 69 KB
8 KB 182ms
182ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/app.0d2d13be6865a9a3940d.js

Requested by

Host: relap.io
URL: https://relap.io/v7/app_index.0afa1420a983127a9cba.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

8185d758465985adefa50e9aa37905952c926e7e56bafc2b7df03b9f129b72a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:26:47 GMT
server: nginx
etag: "617bda77-1da5"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
content-length: 7589
expires: Tue, 30 Nov 2021 10:05:37 GMT

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
262 B 173ms
75ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9E3B 81 KB
27 KB 116ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dba1e011745c1bec0b32691b466bf85c8972935bdb186a45fc96296136b23d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1029 / 964 of 1000 / last-modified: 1635545062"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27294
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
230 B 259ms
80ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=e2b2948cd222205d&pm=bmo&pxo=fTtpnGacwEWyeMAYdxVq-AwoOB7DcPPpH2NMlhg5-2dmPK3OrHzyr22C9kBjuxn3pdz38IeReZq2HtFNExmK-Nb0fAd8cXuLgT9f0szpQ3N1IOfjWIwSHdQNWeyXiMVfLU76gI-Erz3gZN6hPwa-s_GYNWDyKZegGkSo9wmQcwmoGPYMvK0%3D&p5=gfgly&rand=mjoossf&sj=JYxcWCGtGJiz4MouXSifEUyRW48LnSD4dHvwp8SsmuAumd5__ibw4SpegT6jEw%3D%3D&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjig&rqs=cV75Gu-8-Dxxan5hfsh29bCPwbHovMR5&rtb-si=b&p2=gatj

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H/1.1 200
OK version Show response
moevideo.biz/embed/core/ 45 B
219 B 153ms
153ms Script
application/javascript 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/core/version?jsonp=&jsonpCallback=jsonp_1635674737684_77685
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx /
Resource Hash: 79ea35f224d899c373f9b83f5ac4dc4d429c530b598f93522f65f474e2ca77df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:37 GMT
Server: nginx
Connection: keep-alive
Content-Length: 45
X-My-Reqtime: 0.093
Content-Type: application/javascript

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 15ms
15ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=222498&sid=227&wh=1600x1200&rnd=47373400056&lid=0&tid=0&cls_green=-0.001&cls_green_cnt=-1
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Oct 2021 10:05:37 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 14ms
14ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=222498&sid=227&wh=1600x1200&rnd=47373400056&lid=0&tid=0&cls_green=0.069&cls_green_cnt=1
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Oct 2021 10:05:37 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

POST
H2 200 metrics Show response
relap.io/api/v7/ Frame CFE2 2 B
1 KB 71ms
70ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/metrics

Requested by

Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
content-length: 2
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma: no-cache
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ytro.news
cache-control: max-age=1, no-cache
x-server: back18
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie

GET
H2 200 abp.gif
relap.io/ Frame CFE2 43 B
207 B 54ms
54ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/abp.gif?ch=1&rn=2.4246719604543845

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Wed, 21 Apr 2021 14:05:06 GMT
server: nginx
etag: "60803112-2b"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2 200 abp.gif
relap.io/ Frame CFE2 43 B
207 B 55ms
54ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/abp.gif?ch=2&rn=2.4246719604543845

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
last-modified: Wed, 21 Apr 2021 14:05:06 GMT
server: nginx
etag: "60803112-2b"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4D86 81 KB
27 KB 65ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8acf26e5da31fbcf97b58ad60baa4121ab276efd4ab78661e842fee1ff975071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1029 / 630 of 1000 / last-modified: 1635545117"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27325
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 194ms
85ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=52945585d55a6ce0&pm=bmo&pxo=XKupSqAQl0geG0N3j1b1PkLCCwqJ_w677eUZdVjhz_PjJW1UskvF9dvR8BcU4i5qD6gXwmZBeR1HO11dLd_fp5Oyu-IZG0RCr0DQttwFTVj2obyzDfUJoXY4U76uBxv0QmfLaZc8TjB82Gf9jWR7YocBcRYvq96k_knhCh59-k5AKL1Z&p5=gfgma&rand=flvxqja&sj=gaVY-XsYT45qpHjDfgFNLka0PV3Ij0z3w47_--yEOR5d_XdYbXl1zGGds8XD&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjii&rqs=cdpb7u22bQRxan5hcSVfivMaQQJ565d-&rtb-si=b&p2=gatq

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7A69 81 KB
27 KB 41ms
34ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8acf26e5da31fbcf97b58ad60baa4121ab276efd4ab78661e842fee1ff975071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1029 / 516 of 1000 / last-modified: 1635545117"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27325
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 174ms
80ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=73542c2885ffdd77&pm=bmo&pxo=l3AsM4U7Wl5wTsSxryRrRg2dznrV9jpCZRYe-RGIYFDfY4JswBstoIgk_llm0C1m36Dl1WORrvgWDkT5byZp2dQH21ezw0Z1HDMN-QvFVPkTKrxi9Jghf_8rVBo_sZUZ55nQeuxpadq8OSzF8S1pz9fjlA-0R2jYtJAKLZF3BHW-8oMp&p5=gfglz&rand=btqfofg&sj=sYptcAKSeU_BUn4ShCyZ7U8YxBmRvEFPdRSrNhsTrn3Z-LyODHTi6XYSAUMg&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjih&rqs=cdpb7u22bQRxan5hPoLhcNDnpgikGR2j&rtb-si=b&p2=gatp

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

OPTIONS
H2 200 metrics
relap.io/api/v7/ Frame 0
0 60ms
60ms Preflight
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/metrics

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ytro.news
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
content-type: text/html;charset=UTF-8
content-length: 0
access-control-max-age: 1728000
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-allow-credentials: true
x-content-type-options: nosniff
date: Sun, 31 Oct 2021 10:05:37 GMT
vary: Origin
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
x-server: back01
access-control-allow-origin: https://ytro.news
strict-transport-security: max-age=5184000; includeSubdomains;

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 297D 81 KB
27 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d72dece8ed48f4ba9c11e021a9cec5bc4e698ff95da7e378d71bca8a18c5667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1029 / 250 of 1000 / last-modified: 1635545117"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27325
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 166ms
81ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=e1283e9c4b9d1d46&pm=bmo&pxo=7NkYGyuvp5m9JNBSq8SdyoGeBCgw3H0aKsPl9_2OD_McjUyj8WWIUkR3jSsQzkWRUW8FjgbNWMGndYNd4fNBvh2LJ4Ddqt2p9Zmd_u5jJbFNuP1d92WftT9QcZKXyIJzmxjwO_7-JT8SostU45-39WXW21SLwakoVaj-sOoDB6Qexdk6&p5=gfgme&rand=gejesrc&sj=C4AdLo3s3HCw6spQmSPGW8cnTExL3T1Qat-4Tf66Ym1PJSInrfuiAIzqCQRi&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjif&rqs=cdpb7u22bQRxan5hLLrtw6-yzFOvu-xm&rtb-si=b&p2=gato

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
31 B 67ms
67ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A242 81 KB
27 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ad5608f211342564118d3b5249a7fe5d40f709ddab2f2079cd8c6cc8a8df67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1029 / 119 of 1000 / last-modified: 1635545117"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27325
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 158ms
81ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=a2cd6e42af5d3192&pm=bmo&pxo=GrVJVwnJvuiGKcKwtDemkKRXs-tKCU4d2SJUUfwEF7KpT0RT91_0ZJuRwEmClGJxPIHrlNPFxQBoANnWpUI6AvWQzXMlb65xrZ7qY9RdRsKHk0cWa9aSmv1KZUugT3LzUlSUASvFsg_a_rD4B70-8UKFWaRrXtXHBvEDBN4WHCtEuqai9us%3D&p5=gfgmb&rand=qamjkm&sj=7LMF3S52TmY-3OveCaGfU5nbPdpj8EVNIXJeCtmCo74nkZQk96NQTF5dSpQU&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjid&rqs=cdpb7u22bQRxan5hbgBbpoZ0vkCj-Oyz&rtb-si=b&p2=gatl

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4984 81 KB
27 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068a10c134968f5b4e31e5bbbe09435b445e451903424098699c484b7d1b25ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1029 / 342 of 1000 / last-modified: 1635545117"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27295
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 148ms
85ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=6fbf0559f45317e4&pm=bmo&pxo=Pjy6faHofA85Qk7C7-HeQdC6UqXGu9EMCj3C6WMtugROYA2dufAJMieEfocbtjD_KMxPvMYjNYKFUo2F6sISujZf-HG1_7WtO4rsqQwsI_hfdaBTtEznjQ58hRjym_OwG-L9oCAmBAVchbHIsmPrvRfsr7jurmBDx6UMJmNkoUwyBDnp&p5=gfgmc&rand=cktveew&sj=ToDTi9LIoBAQwxO53lGOf2BMv442QUX71ZO3sKBHGelURRzeDEG5ybhtG52x&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjic&rqs=cdpb7u22bQRxan5hlMp7RLgwq8qI4TrR&rtb-si=b&p2=gatm

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 902B 81 KB
27 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8acf26e5da31fbcf97b58ad60baa4121ab276efd4ab78661e842fee1ff975071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1029 / 562 of 1000 / last-modified: 1635545117"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27325
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 79ms
78ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=0db6f8ed60534c89&pm=bmo&pxo=PUHia5JLGCOdqCyslSGfqTMETKbpxGC12ESQxGAcD4bKqFbtBF6WMPXp0evOno0fJrzvnTGnEc5ctQbSLQrXv-chQvxQNgz_7rtCHwi2tY2EvHvyhCkjSbJBOeReJmeKIbXmpjXvumNaGzdGS59sIduVz0SiUgIFqGrx7jmo_xUrqOdO&p5=gfgmd&rand=gcrqymu&sj=3tJ7hUy1NAaMEIIpOAsQWxUZwqaIS-NW5760F4pRXjKPilfrsBhrCIuoa62x&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjie&rqs=cdpb7u22bQRxan5hzBEr809BCDlz_xIm&rtb-si=b&p2=gatn

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:37 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

204

supersync
sync.1dmp.io/ Frame B2D8
Redirect Chain

https://sync.1dmp.io/supersync?pid=w&o=ns&cid=d532925e-370a-4913-9238-e8b91206247f&brid=3fdc8267-2323-4ff5-80fe-dc2813a9742e&uid=Vrn6U3Bf
https://sync.1dmp.io/supersync?t=18af24f1-3a32-11ec-8677-901b0e934d81

0
0

11ms
11ms

Document
text/plain

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.1dmp.io/supersync?t=18af24f1-3a32-11ec-8677-901b0e934d81
Requested by: Host: relap.io
URL: https://relap.io/v7/common_core.46c6dcb596f864676ef5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.100.125 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sun, 31 Oct 2021 10:05:37 GMT

Redirect headers

server: nginx
date: Sun, 31 Oct 2021 10:05:37 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
location: /supersync?t=18af24f1-3a32-11ec-8677-901b0e934d81

GET
H2 404 cookie_checker
relap.io/ 0
0 76ms
72ms Script
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/cookie_checker?_s=47w-6Q&callback=window.relapCbRegistry.relapCb5963197157
Requested by: Host: relap.io
URL: https://relap.io/v7/common_core.46c6dcb596f864676ef5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: relap.io
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 counter
top-fwz1.mail.ru/ Frame CFE2 43 B
874 B 54ms
52ms Image
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3136989;js=na

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

200

altergeocs
relap.io/partners/ Frame CFE2
Redirect Chain

https://cm.p.altergeo.ru/relap?aid=Vrn6U3Bf&nc=od54SyKk&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D
https://relap.io/partners/altergeocs?uid=CMTh113tSxQlKt9KDA6cPQMA==

43 B
689 B

59ms
59ms

Image
image/gif

95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/altergeocs?uid=CMTh113tSxQlKt9KDA6cPQMA==

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: web04
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Redirect headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:38 GMT
Server: nginx/1.16.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://relap.io/partners/altergeocs?uid=CMTh113tSxQlKt9KDA6cPQMA==
Cache-Control: max-age=0, no-cache, no-store
Connection: close
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
code.giraff.io/data/ 34 B
254 B 24ms
24ms Image
image/webp 2606:4700:10::6816:4f7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.giraff.io/data/advert.gif
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
cf-cache-status: HIT
age: 55
cf-polished: origFmt=gif, origSize=43
content-disposition: inline; filename="advert.webp"
content-length: 34
last-modified: Wed, 19 May 2021 11:40:36 GMT
server: cloudflare
etag: "60a4f934-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 10:05:42 GMT
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6a6c10e76dea0e0e-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 672 B
1 KB 77ms
76ms Script
application/javascript 46.161.36.23
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=CJ9M&cb=_callbacks____0kvf2i93r
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: 48736e272d922fad5b3f2afa3416becc2723e199cb06ff79cfce862118de1376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:37 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 200 pubads_impl_2021102501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9E3B 356 KB
120 KB 53ms
29ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122594
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:35:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 pubads_impl_2021102701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7A69 353 KB
119 KB 38ms
32ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

9d07f01e075074db0154aae1cd5fc2f2f3ffe87d787783f686444f5583503437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121586
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 pubads_impl_2021102601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 297D 353 KB
119 KB 19ms
19ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

8156274be416705f770f8d4e0338e9886f99a863f433e105dc497f2e998f1812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121587
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 08:35:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 pubads_impl_2021102701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4D86 353 KB
119 KB 41ms
41ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

9d07f01e075074db0154aae1cd5fc2f2f3ffe87d787783f686444f5583503437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121586
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 pubads_impl_2021102701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A242 353 KB
119 KB 25ms
25ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

9d07f01e075074db0154aae1cd5fc2f2f3ffe87d787783f686444f5583503437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121586
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H2 200 pubads_impl_2021102501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4984 356 KB
120 KB 681ms
680ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122594
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:35:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H2 200 utroru.js Show response
data.giraff.io/track/ 53 B
326 B 160ms
51ms Script
application/javascript 195.161.16.140
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://data.giraff.io/track/utroru.js?r=&u=https%3A%2F%2Fytro.news%2F&rand=0.06359360983906948&v=1_103_0&vis=1&callback=cbGeo888284094&sp=b
Requested by: Host: www.giraff.io
URL: https://www.giraff.io/data/widget-utroru.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.140 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8877d3fb12cd988113d631433bd1935000c2d69082974ac602d943c7dbfead27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2 200 pubads_impl_2021102701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 902B 353 KB
119 KB 36ms
35ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

9d07f01e075074db0154aae1cd5fc2f2f3ffe87d787783f686444f5583503437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121586
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Oct 2021 10:05:37 GMT

GET
H/1.1 200 /
smi2.ru/cookiematching/ 43 B
866 B 217ms
64ms Image
image/gif 185.162.95.72
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJDU0N2NkMzY2LWNmZjctNDIxZC1iMzNhLTBkZWRkZDFiNjU5MRoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjM1Njc0NzM3ODY1Ggguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJGUyNzU3YTdmLTFlODEtNDQwYy04YzM3LTAzNGNkMGEwZDIxMxoILnNtaTIucnUiAS8oiA4%3D&rnd=1635674737914
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.162.95.72 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: ads5-1.smir10.imcmdb.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Sun, 31 Oct 2021 10:05:38 GMT
Last-Modified: Sunday, 31-Oct-2021 10:05:38 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: close
Content-Length: 43
Expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H/1.1 200
OK /
smi2.net/cookiematching/ 43 B
229 B 209ms
52ms Image
image/gif 82.202.225.240
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJDU0N2NkMzY2LWNmZjctNDIxZC1iMzNhLTBkZWRkZDFiNjU5MRoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTYzNTY3NDczNzg2NRoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkZTI3NTdhN2YtMWU4MS00NDBjLThjMzctMDM0Y2QwYTBkMjEzGgkuc21pMi5uZXQiAS8oiA4%3D&rnd=1635674737914
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.240 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: smi2adm2-1.ssel27.imcmdb.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:38 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 191ms
62ms XHR
text/plain 46.161.36.23
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sun, 31 Oct 2021 10:05:38 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 297D 107 B
792 B 60ms
24ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 297D 107 B
549 B 71ms
24ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 297D 15 KB
8 KB 230ms
230ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1268488247248340&correlator=2911212608897633&output=ldjh&impl=fifs&eid=31063338%2C31063140&vrg=2021102601&ptt=17&sc=1&sfv=1-0-38&ecs=20211031&iu_parts=176990977%2CUtro%2Cutro_dt_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cust_params=rate%3Drate_005&cookie_enabled=1&cdm=ytro.news&bc=31&abxe=1&lmt=1635674737&dt=1635674737976&dlt=1635674737755&idt=201&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1105&adys=2696&adks=1635734151&ucis=g6nsstrjyts8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fytro.news%2F&top=https%3A%2F%2Fytro.news%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=301309105.1635674737&ga_sid=1635674738&ga_hid=1800097423&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

63a467748c61b9bc7a52ac1d948e8d9723502eceabc74d45f793ee5c8fbf0386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ytro.news
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FB33 6 KB
0 113ms
22ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 31 Oct 2021 10:05:38 GMT
expires: Mon, 31 Oct 2022 10:05:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame A242 107 B
165 B 26ms
26ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A242 107 B
165 B 27ms
27ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A242 42 KB
11 KB 283ms
283ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=57062870304828&correlator=494932192028865&output=ldjh&impl=fifs&eid=31063280%2C31063339%2C31063167&vrg=2021102701&ptt=17&sc=1&sfv=1-0-38&ecs=20211031&iu_parts=176990977%2CUtro%2Cutro_dt_240x400&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=240x400&cust_params=rate%3Drate_019&cookie_enabled=1&cdm=ytro.news&bc=31&abxe=1&lmt=1635674738&dt=1635674738033&dlt=1635674737766&idt=242&ea=0&frm=23&biw=1600&bih=1200&isw=240&ish=400&oid=2&adxs=480&adys=981&adks=2592318212&ucis=1u47p061dlux&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fytro.news%2F&top=https%3A%2F%2Fytro.news%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=240x400&msz=240x-1&ga_vid=301309105.1635674737&ga_sid=1635674738&ga_hid=1787526625&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

0c580ff5ccd7c4aa44a761dc471ff105e613c2ef253f6cef8884cb7ed22a3da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10746
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ytro.news
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6f39a5f37896882b69a2b4fcf7320cf2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BBFE 6 KB
4 KB 77ms
23ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6f39a5f37896882b69a2b4fcf7320cf2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 31 Oct 2021 10:05:38 GMT
expires: Mon, 31 Oct 2022 10:05:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9E3B 107 B
165 B 325ms
23ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9E3B 107 B
165 B 24ms
24ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9E3B 17 KB
8 KB 216ms
215ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2812272174523185&correlator=4209426434658414&output=ldjh&impl=fifs&eid=31063337%2C31063139%2C31063166%2C31063183%2C31062931&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211031&iu_parts=176990977%2CUtro%2Cutro_dt_1000x120-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1000x120&cust_params=rate%3Drate_019&cookie_enabled=1&cdm=ytro.news&bc=31&abxe=1&lmt=1635674738&dt=1635674738086&dlt=1635674737662&idt=397&ea=0&frm=23&biw=1600&bih=1200&isw=1000&ish=120&oid=2&adxs=300&adys=83&adks=2628208140&ucis=55jj6yto8jz&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fytro.news%2F&top=https%3A%2F%2Fytro.news%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x120&msz=1000x-1&ga_vid=301309105.1635674737&ga_sid=1635674738&ga_hid=1220133743&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

dbbe807a86f9b5b26a6ad22df99d54361f46fb1ca0748d82203f5af5308ad69e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8217
x-xss-protection: 0
google-lineitem-id: 4927984058
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138257639204
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ytro.news
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9E3B 11 KB
9 KB 64ms
29ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a2d4a0fea95ddc7f951c6c60137c0c5f69116f15de9fa7230dc335f85ee99fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8640
x-xss-protection: 0

GET
H2 200 container.html Show response
02b396fb068d41101fee058d08ed9614.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 201A 6 KB
3 KB 155ms
22ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://02b396fb068d41101fee058d08ed9614.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 31 Oct 2021 10:05:38 GMT
expires: Mon, 31 Oct 2022 10:05:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4D86 107 B
165 B 296ms
42ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4D86 107 B
165 B 24ms
24ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4D86 18 KB
9 KB 423ms
423ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2697723148494942&correlator=3389006166973458&output=ldjh&impl=fifs&eid=31060837%2C31063312%2C31063350%2C31063166&vrg=2021102701&ptt=17&sc=1&sfv=1-0-38&ecs=20211031&iu_parts=176990977%2CUtro%2Cutro_dt_1000x250-3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1000x250&cust_params=rate%3Drate_005&cookie_enabled=1&cdm=ytro.news&bc=31&abxe=1&lmt=1635674738&dt=1635674738133&dlt=1635674737733&idt=375&ea=0&frm=23&biw=1600&bih=1200&isw=1000&ish=250&oid=2&adxs=300&adys=5221&adks=25937806&ucis=4klo88nehj1s&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fytro.news%2F&top=https%3A%2F%2Fytro.news%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x250&msz=1000x-1&ga_vid=301309105.1635674737&ga_sid=1635674738&ga_hid=1454919319&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

d5b12efe4d10cd2e9c2177607d21507cf729aa0ad3933508264a044334cde422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8917
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ytro.news
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 12F5 6 KB
3 KB 59ms
21ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 31 Oct 2021 10:05:38 GMT
expires: Mon, 31 Oct 2022 10:05:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7A69 107 B
165 B 255ms
33ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7A69 107 B
165 B 23ms
23ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7A69 18 KB
9 KB 649ms
648ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3461071576580863&correlator=1319172821809698&output=ldjh&impl=fifs&eid=31063350&vrg=2021102701&ptt=17&sc=1&sfv=1-0-38&ecs=20211031&iu_parts=176990977%2CUtro%2Cutro_dt_1000x250-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1000x250&cust_params=rate%3Drate_003&cookie_enabled=1&cdm=ytro.news&bc=31&abxe=1&lmt=1635674738&dt=1635674738162&dlt=1635674737743&idt=402&ea=0&frm=23&biw=1600&bih=1200&isw=1000&ish=250&oid=2&adxs=300&adys=3959&adks=1946117860&ucis=c474yibnk3lj&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fytro.news%2F&top=https%3A%2F%2Fytro.news%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x250&msz=1000x-1&ga_vid=301309105.1635674737&ga_sid=1635674738&ga_hid=657350232&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

7011fe1f82079e7c8da14de367472e49d7c9b57698f128373a27deeac9c039a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9048
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ytro.news
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9E6F 6 KB
3 KB 69ms
23ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 31 Oct 2021 10:05:38 GMT
expires: Mon, 31 Oct 2022 10:05:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
graph.facebook.com/ 231 B
669 B 55ms
27ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fytro.news%2F&callback=_grf_6760718054114518

Requested by

Host: www.giraff.io
URL: https://www.giraff.io/data/widget-utroru.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9bacd698c79bf6786a5cb48c892936eeed3085fda057d6cc217801f1434930be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1004649881
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 175
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: tefeg5ZBtKENz2tgc6FjLQWeg1C77XTX7BozlaYRc1zIIMial65p+Zs1mnXuAWFEfHZUa9RVCfGcxwuArOxEBQ==
x-fb-trace-id: GOjwdQynWcq
date: Sun, 31 Oct 2021 10:05:38 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AH9WrNq8MKSuMopZ5N4VGOm
cache-control: no-store
facebook-api-version: v4.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 share.php Show response
vk.com/ 21 B
479 B 131ms
48ms Script
text/html 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&url=https%3A%2F%2Fytro.news%2F&index=0

Requested by

Host: www.giraff.io
URL: https://www.giraff.io/data/widget-utroru.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.109139

Resource Hash

e346406886636bb78bffe42a074b2af5d370b1087f033b036f3d620db6978b23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-frontend: front512006
server: kittenx
x-powered-by: KPHP/7.4.109139
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 41

GET
H2 200 dk Show response
connect.ok.ru/ 26 B
2 KB 241ms
65ms Script
application/javascript 217.20.155.208
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fytro.news%2F

Requested by

Host: www.giraff.io
URL: https://www.giraff.io/data/widget-utroru.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.155.208 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip208.155.odnoklassniki.ru

Software

apache /

Resource Hash

bc13af5e98ff3288a38a478423167f9bd8aa8a13e17809d7ac869f834901d078

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adsafeprotected.com .serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com; worker-src blob: 'self'; connect-src wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 902B 107 B
165 B 216ms
43ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 902B 107 B
165 B 24ms
23ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 902B 21 KB
10 KB 255ms
255ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1534875313073681&correlator=2334040911298682&output=ldjh&impl=fifs&eid=31063350%2C31063139&vrg=2021102701&ptt=17&sc=1&sfv=1-0-38&ecs=20211031&iu_parts=176990977%2CUtro%2Cutro_dt_300x400&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x400&cust_params=rate%3Drate_008&cookie_enabled=1&cdm=ytro.news&bc=31&abxe=1&lmt=1635674738&dt=1635674738211&dlt=1635674737790&idt=405&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=400&oid=2&adxs=1140&adys=1606&adks=2890777742&ucis=k8fgqf8h05qp&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fytro.news%2F&top=https%3A%2F%2Fytro.news%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x400&msz=300x-1&ga_vid=301309105.1635674737&ga_sid=1635674738&ga_hid=1577437042&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

1cc14d38c838e90695986b343976a4200de95ffc0e37eed5e85848d428153abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10668
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ytro.news
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6B96 6 KB
3 KB 71ms
22ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 31 Oct 2021 10:05:38 GMT
expires: Mon, 31 Oct 2022 10:05:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 21C4 6 KB
3 KB 316ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 31 Oct 2021 10:05:38 GMT
expires: Mon, 31 Oct 2022 10:05:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 event
ads.adfox.ru/275069/ 0
66 B 78ms
78ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=d11b05b477464d34&pm=bmu&pxo=7NkYGyuvp5m9JNBSq8SdyoGeBCgw3H0aKsPl9_2OD_McjUyj8WWIUkR3jSsQzkWRUW8FjgbNWMGndYNd4fNBvh2LJ4Ddqt2p9Zmd_u5jJbFNuP1d92WftT9QcZKXyIJzmxjwO_7-JT8SostU45-39WXW21SLwakoVaj-sOoDB6Qexdk6&p5=gfgme&rand=blgtgud&sj=C4AdLo3s3HCw6spQmSPGW8cnTExL3T1Qat-4Tf66Ym1PJSInrfuiAIzqCQRi&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjif&rqs=cdpb7u22bQRxan5hLLrtw6-yzFOvu-xm&rtb-si=b&p2=gato&resp-time=496

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:38 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 297D 11 KB
8 KB 37ms
36ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e63c13d3d1e9549c58fa12067320ad16767228b5f223feff29a0fea751c1235d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8619
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9E3B 17 KB
7 KB 91ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H2 200 list Show response
a.giraff.io/rtb/match/ 237 B
671 B 183ms
47ms XHR
text/plain 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.giraff.io/rtb/match/list
Requested by: Host: www.giraff.io
URL: https://www.giraff.io/data/widget-utroru.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9cb46df45ab7550f47004e885582a412d0b5008c3d8e5b67bdea86db4aaf450f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
allow: GET, POST, HEAD, OPTIONS
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ytro.news
access-control-max-age: 1728000
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 297D 17 KB
6 KB 87ms
79ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9E3B 0
0 50ms
50ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKOdEQU3HhDYXS1OGUQip7ExRNyvzeqCcCP979bOvFre0EvtunXQ0zUWeDs5eZTTrFxv9njlsia5MD6rlh2AyuR6DzpeDfAOy-0HzTgwIQQ1rVfEKHXflvSerTU-MuzexVItBRAIVwO4cQSpJzXN6yRGfeGhY61fOc2IhYtuO02iIg3Vs9CRLE-QYqy_2wcNQGHiiOOjEflfmGVeg_qFZh8SGj4TGdrSwxsEjmEwZrT64nHW295a8T5zcxFRQ4ppJRg7LKFExHdzp55D8FYvwrpbTbzwGVoNf8ZM5IPluXlYZqGgu7PRGPboPgEKnc&sai=AMfl-YRJjizLbDaKnWny1n0KBFQg6p2pEFKuSHoqw5qRbr6ZZPPnU_LoHK3QlOkxA5e8SkHDfbJ4IcGQPWNq9dJ4XS8EoOq-5jxorc15bcsNTx7VK2rz6qDaRY24pRjpBpu3&sig=Cg0ArKJSzHmHnIYS5tB_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H2 200 adfox-adx-stub.js Show response
yastatic.net/pcode/adfox/ Frame 9E3B 60 KB
15 KB 119ms
39ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/adfox-adx-stub.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 15032
last-modified: Wed, 17 Mar 2021 06:04:30 GMT
server: nginx/1.17.9
etag: "21008573aeaf1ce20fdc2d49c53e692c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Oct 2021 11:02:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E3B 120 KB
37 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 79ms
79ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=76ce692b62b4a6ed&pm=bmv&pxo=fTtpnGacwEWyeMAYdxVq-AwoOB7DcPPpH2NMlhg5-2dmPK3OrHzyr22C9kBjuxn3pdz38IeReZq2HtFNExmK-Nb0fAd8cXuLgT9f0szpQ3N1IOfjWIwSHdQNWeyXiMVfLU76gI-Erz3gZN6hPwa-s_GYNWDyKZegGkSo9wmQcwmoGPYMvK0%3D&p5=gfgly&rand=lvdthfc&sj=JYxcWCGtGJiz4MouXSifEUyRW48LnSD4dHvwp8SsmuAumd5__ibw4SpegT6jEw%3D%3D&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjig&rqs=cV75Gu-8-Dxxan5hfsh29bCPwbHovMR5&rtb-si=b&p2=gatj&resp-time=667&creative-id=138257639204&google-width=1000&google-height=120

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:38 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame A242 190 KB
55 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 166780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Oct 2022 11:45:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame A242 13 KB
5 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 166780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Oct 2022 11:45:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame A242 89 KB
28 KB 45ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 166780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Oct 2022 11:45:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame A242 4 KB
2 KB 47ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 166780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Oct 2022 11:45:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame A242 40 KB
13 KB 48ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 166780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Oct 2022 11:45:58 GMT

GET
DATA 200
OK truncated
/ Frame A242 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145d7bec724ddd74c5e0aa649a8b311cc893d381adda4086b346122ff5fb952c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 11877504909851548528
tpc.googlesyndication.com/simgad/ Frame A242 68 KB
68 KB 21ms
19ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11877504909851548528?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qljWT6l_crJBua9q5Uaq3kS6XRXGg

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bba79557de1318ed770c1f05b449afdb6ea189c7dafa0a3aa83b9d7db969be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 06:49:34 GMT
x-content-type-options: nosniff
age: 270964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69201
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 03:00:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Oct 2022 06:49:34 GMT

GET
H2 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A242 3 KB
3 KB 32ms
31ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 17:58:03 GMT
x-content-type-options: nosniff
server: cafe
age: 58055
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Sun, 31 Oct 2021 17:58:03 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A242 344 B
570 B 26ms
26ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 75540
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 31 Oct 2021 13:06:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A242 0
0 57ms
56ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNkILcmp-YeGBBaiEjuwPutauuAvE35TuZcuY5vPWDvLd0uCyARABINSfuSdgleKQgqAHoAG_y-aFAsgBAuACAKgDAcgDCKoE_gFP0JVDVbfPFkvxLroWeYLIF21AovcY95Qj-4GdYFBvIvfyA-OvuvJb3fWHfi4BIgNSs5BDB-T_48bNSQmzAqFPyj92l4zMrbiAF3oPUGJdk7lSje030_ck2AW4H9IOZdQpiSC0XYAPpFpuiuPBXIdQHgUAe2T0hLy0M2s77yIR2hYdNhJ4Spa_O-iPgXSl-nU9fNwRlh66Ik1ThtZVDqngWuE66W-32ujVpV_9oyE0LGCZypbx__2ELCxRlYluy0whbqTemni3ouGlugxJMA1IBA9kEDHUISViGUhF-1jWt2m3lPCmHXvA4RzOLRlO_VLre0tu-wt4x-kAaQp5ScAEwqztxMwD4AQBkgUECAQYAZIFBAgFGASgBgKAB6y814MCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMatE9IICQiI4YAQEAEYHYAKA8gLAdgTC9AVAYAXAbIXHgocCAASFHB1Yi0yODYxNDY0MjAwMzM4ODA4GNnIHA&sigh=bqo5ebLQ2ms&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 87ms
87ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=9110c5fc5eb7cf97&pm=bmu&pxo=GrVJVwnJvuiGKcKwtDemkKRXs-tKCU4d2SJUUfwEF7KpT0RT91_0ZJuRwEmClGJxPIHrlNPFxQBoANnWpUI6AvWQzXMlb65xrZ7qY9RdRsKHk0cWa9aSmv1KZUugT3LzUlSUASvFsg_a_rD4B70-8UKFWaRrXtXHBvEDBN4WHCtEuqai9us%3D&p5=gfgmb&rand=ieqlho&sj=7LMF3S52TmY-3OveCaGfU5nbPdpj8EVNIXJeCtmCo74nkZQk96NQTF5dSpQU&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjid&rqs=cdpb7u22bQRxan5hbgBbpoZ0vkCj-Oyz&rtb-si=b&p2=gatl&resp-time=589

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:38 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A242 11 KB
8 KB 28ms
27ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d701520a4c9f3b9fc4b2d9df37431f62f339d78e5b400dde6613c93ef6348dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8572
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8A2B 12 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 30 Oct 2021 15:45:52 GMT
expires: Sun, 30 Oct 2022 15:45:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 65986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A134 783 B
738 B 93ms
48ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b72c006daacf687eb8131e613f5fe2a307a60d939f1e932277e8576491285c80

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s8Vxoy+AFeIiHtI5Yinpxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 31 Oct 2021 10:05:38 GMT
date: Sun, 31 Oct 2021 10:05:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-s8Vxoy+AFeIiHtI5Yinpxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9E3B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e7916409a1448edcc2ad276a9200afd9c725fc3b279ec16fc2a61ba1ad09920

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame A242 0
0

POST
H2 200 stat Show response
relap.io/api/v7/ Frame CFE2 2 B
672 B 68ms
68ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/stat

Requested by

Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-Relap-Unique: ZjkyMzgz

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
content-length: 2
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma: no-cache
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ytro.news
cache-control: max-age=1, no-cache
x-server: web10
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie

OPTIONS
H2 200 stat
relap.io/api/v7/ Frame 0
0 58ms
58ms Preflight
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/stat

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-relap-unique
Origin: https://ytro.news
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
content-type: text/html;charset=UTF-8
content-length: 0
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
date: Sun, 31 Oct 2021 10:05:38 GMT
access-control-allow-origin: https://ytro.news
access-control-max-age: 1728000
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
vary: Origin
x-server: web06
strict-transport-security: max-age=5184000; includeSubdomains;

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6D6C 12 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 30 Oct 2021 15:45:52 GMT
expires: Sun, 30 Oct 2022 15:45:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 65986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D9D3 783 B
1 KB 25ms
23ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23f3998a0f3361d908cf6ce44da36c4a3866b025f0f19bf8cea590509823abed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nq9gy3RFgStakaNhuQ8/JQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 31 Oct 2021 10:05:38 GMT
date: Sun, 31 Oct 2021 10:05:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-nq9gy3RFgStakaNhuQ8/JQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A242
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

55ms
55ms

Image
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 11877504909851548528
tpc.googlesyndication.com/simgad/ Frame A242 68 KB
68 KB 13ms
13ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11877504909851548528?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qljWT6l_crJBua9q5Uaq3kS6XRXGg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bba79557de1318ed770c1f05b449afdb6ea189c7dafa0a3aa83b9d7db969be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 06:49:34 GMT
x-content-type-options: nosniff
age: 270964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69201
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 03:00:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Oct 2022 06:49:34 GMT

GET
H2 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A242 3 KB
3 KB 17ms
17ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 17:58:03 GMT
x-content-type-options: nosniff
server: cafe
age: 58055
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Sun, 31 Oct 2021 17:58:03 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A242 344 B
402 B 17ms
17ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 75540
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 31 Oct 2021 13:06:38 GMT

GET
H2 200 1915447882
s.uuidksinc.net/match/246/ 0
266 B 58ms
13ms Image
application/json 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/246/1915447882
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
server: nginx/1.19.0
access-control-allow-headers: Content-Type
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ 42 B
201 B 426ms
98ms Image
image/gif 81.222.128.213
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=77&external_id=1915447882
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad13.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:38 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.gif
stat.media/counter/ 43 B
265 B 59ms
58ms Image
image/gif 46.161.36.23
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.media/counter/sync.gif?system=directadvert&ext_uid=1915447882
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:38 GMT
Server: nginx
Content-Type: image/gif
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: 0

GET
H2 200 1915447882
s.uuidksinc.net/match/618/ 0
267 B 57ms
13ms Image
application/json 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/618/1915447882
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
server: nginx/1.19.0
access-control-allow-headers: Content-Type
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8

GET
H2 200 container.html Show response
e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 80AF 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 31 Oct 2021 10:05:38 GMT
expires: Mon, 31 Oct 2022 10:05:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 74ms
74ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=8eac264b33b2f6c0&pm=bmu&pxo=PUHia5JLGCOdqCyslSGfqTMETKbpxGC12ESQxGAcD4bKqFbtBF6WMPXp0evOno0fJrzvnTGnEc5ctQbSLQrXv-chQvxQNgz_7rtCHwi2tY2EvHvyhCkjSbJBOeReJmeKIbXmpjXvumNaGzdGS59sIduVz0SiUgIFqGrx7jmo_xUrqOdO&p5=gfgmd&rand=haiaana&sj=3tJ7hUy1NAaMEIIpOAsQWxUZwqaIS-NW5760F4pRXjKPilfrsBhrCIuoa62x&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjie&rqs=cdpb7u22bQRxan5hzBEr809BCDlz_xIm&rtb-si=b&p2=gatn&resp-time=726

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:38 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 902B 11 KB
8 KB 29ms
28ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecab40c4279b9893a93686be3cd8bbad1df154f0aa313a37b2358072a75b6474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8489
x-xss-protection: 0

GET
H2 200 C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A2B 35 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 17:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13263
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 30 Oct 2022 17:00:27 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 902B 17 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H2 200 container.html Show response
c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8678 6 KB
3 KB 15ms
15ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 31 Oct 2021 10:05:38 GMT
expires: Mon, 31 Oct 2022 10:05:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 78ms
78ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=4caf87f184bbf150&pm=bmu&pxo=XKupSqAQl0geG0N3j1b1PkLCCwqJ_w677eUZdVjhz_PjJW1UskvF9dvR8BcU4i5qD6gXwmZBeR1HO11dLd_fp5Oyu-IZG0RCr0DQttwFTVj2obyzDfUJoXY4U76uBxv0QmfLaZc8TjB82Gf9jWR7YocBcRYvq96k_knhCh59-k5AKL1Z&p5=gfgma&rand=iokmbyu&sj=gaVY-XsYT45qpHjDfgFNLka0PV3Ij0z3w47_--yEOR5d_XdYbXl1zGGds8XD&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjii&rqs=cdpb7u22bQRxan5hcSVfivMaQQJ565d-&rtb-si=b&p2=gatq&resp-time=851

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:38 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4D86 11 KB
8 KB 28ms
27ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ca6d9a4d6659ca24cce83275004aada9c50e27a320fd1c2531ec265ff6e8b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8535
x-xss-protection: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D9D3 0
0 61ms
59ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102601&jk=1268488247248340&rc=
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9E3B 0
0 58ms
42ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuucY9HbzvoS24_atlUF2PUrc1cf4XPBz_k8E3BKE5ahpacRDHra7I2U87eHr8jBJ82fHKrmswNwRtRKZFnO26vYG6Pw0GsP6vf4OEFn5TSP5xlRqbQNmh9lK4VbgsmaCqhNIYV7LlZDLKXd47qfDVJv5tw59tSjs-5sh6KCdmqTn5p9s7Pg3K_2jA_xQhvVgzTRXB2L9ktPSu-XEgYDb5exDb3Ihz9tY3BJNqUMcaWr7PJFSo_WyDwY5DxgS52z7fU7dZAfOrp5FTj1Eiz_H6-a7sUp4_Iuj6CbAJyxJzY1ssQyRn8xLV1IKwloLiFgbY&sai=AMfl-YRGuyDsL_IadyilAxuBoVeSkUbt6M3__GhLWquf537uoi_83NPFYFIorbDQ-m3si4oTCn1SfoldjvB2F9F3Ti_yNZVz688SStdmR1mc-oAY0Qd6OliqUhLYFSrZoAQx&sig=Cg0ArKJSzAG3cuGZlnm1EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A134 0
0 60ms
60ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102501&jk=2812272174523185&rc=
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F117 624 B
426 B 19ms
19ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNW1A47ost5-uUp0bzqnQo0Cqx7Ac2R5fK60ViH-Fh718BdHAETR3tS_2BhK9N6zKxt022XLTR50vrWZbsHGo5uctZyT9fj8cqwpP3Qmn23ATHx4C0rAK96ptUtQ9ePoN3_yOShvDiECxvgJ067u9vbOCb98oiXT2wCXLf89yD2XBvq8Zto

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 31 Oct 2021 10:05:38 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5B4E 26 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCq78oPGljshZjiaZW86CWMDwDQvFatQqzqGMB_8or6TGJUgkLkkFjPn3vX-exxfHuqzi7ryr1weuru-djUhfSSckw1xyyvpj68CwaLnHUx1HT8bhmmEJNfHCFUcW07RErcldMIbfuNX3cBvKJ9apQVdV-oA&cry=1&dbm_d=AKAmf-C7-Kdl-AclTxG6Qs8QOdbAfTdezCXl7-E8OP4QJiz5Sa8HHFN1NKqesQ9yt87DUPUcTb59DhklZWgLl9a8Q3o6BFsbImnkCfO80wO1rivnJmcC7ffHoZteyQqicHWsBtkyDrZmdZAuhKwE4fvcrmnUlkDm9ITRSBouDAglCcsH7P7HyRm9-p-IY_XJh0ysnxl0x1UqglEtfpd6rJUeiTLKAdJzPVyaRrIk-FePGP8lP8TD0R3Fu8_xSmsBqg15WXSnFW7jx8Uv-Bgm8_D5yJkOI0QvH17Q4qNM3b4UFTtqcP7dU_Xc6y8rWpOM3Uf20UowevBvGY4Z3eYkRg1jOA0jh0itT8E4Vu1-v9HwrsFMtlkFr4ykW2ei51aKLS4VV6NIGtmkopbtR5l1ybXmONp2R0oRq0cpJVo0b4bZCwR6UGWHLhm-RKqHj604mIqEUfCxx7HGahfJ9vUqNBFDVsKZ-EVWvot8wSwwESpSlG5YTk_A9pdVJ9OnxZq3oIxLEJ8kdzTvQ8l6BIiUzJVo9fWPOfDqEJl1jiwjHG7OLOtJ07nxQlGEy-4LkgdONCagnHmNMpSTKKyCRiqAADPAqIFNwSGK_myr5sqZap00RvcGNIyoQZ6eoDgkPgiMmxp5zvAJG-Pmn3CPG87qVKEvYqeEprowEm7zZ50WYuZPJ8Q_w5LlER6i9ajz49T9H5b3AHRJmoWYWG1F-ht75WTMQYn_BeUVZgQB_0yBpiQe9FK2BoN3w1OpXBBdIJoz1h3vxSOyj0FhhT9V7xF-YzTn7uTIbmZLAH8QL1xi3ynXBzunHiG9Ni7R53k6JoaGN2EokdXPg2YSXgTwMIMA7rLhoOSrSt1QOyVEsOTm4DCW-_FFObKhr7rlXkCKOAdTN8ImnfFeMIn_uhXyhYR-yTbIRsQXQeviPiyIfVUnFQx2rUFCGtFoB30RIZsvllTBZxcQzAa9k2o6TP9fqJqxIvC8WpmDg1c-Qfmh4mXZzEmkhoodUY0W_52bQc_P-WXyxiYuq6wXud9ujy8kRjxCwu_sSiunJClGlMA-7SoFh3dlm8076dXbi7n8qYlnMGTq2MrnmwwOuGLC5jw_btzGY3WVXVNVUu7Gg0XM6ZuOgTINlpYeWCWBPqlhf4mIiO76uheoaDVXK5s7QgWTcvyHOYfeT-s9gXB5IIhK4CDK3vEPtYQ6HmUsT34JWQvaGBqMD9qLIXjse-dNAoPdkDfqIXO6SRv3_wLWgOwryVWC0_RPSZG6Jl1nrXHQWQ8l5pkBVITRKGCg0g_6_Pc3bzeQVtEm75QpaiX550jxaM9aGhbRti7f9go9-4eFk0uckf8zG2d0gEwN0ROoZwevmaWlNIp7dY6BR9DXgxTKTlS2S7f5GYfoCOeiU6XtcttFaBVUHPobciDob5gSU1c0b0leBfmbhBTS01Byl3lQpWsSHdttVgjD0o4XF9Wdaxrrl0I_wkNl6GT1z1BuiGVAgkj-LbD5FuJym9E7ZMFnP5Bqp9pcOezblGiA7hoGLGGdoOqz6K_m_2jhRf8QWkb3kEf1badKhBzaOTrRYSe2TND-bhFw43IvLGQk-wv06A-opBRKk0XcHBtCfLLC0O4pkXqKte4CAntiSncFSIqOf177utgjXlU0t1tFggCN5JIQK4X6-n0_craUhfrxXmQThGhIrukLrVFyJxMg_1XSQSbNCxvb3upgmUU4yJT2t83klM6ytccDmTLlYVJr3rFUeQzNKBsdl2jw7Nxz7cd7roUhOucJln5xw0TShHoaeaRtKnB4vnXXcoD3CTXsjlWFlPBa89TB4BIqr3ZMTz1S_MYigEXd9z6MiV6nyXYfgPzT0Ph60PdlMr2h1I0Zy96HULCuop-HIIpfqk3ai0DG7oPID4oQ7Yvg57WE9jZpVHtW8bEOi31V0zEQLWaT3Go3X7jFRMTiLn6LrFNE_SXV-jqYMdN-bETfEDn_L3ku8k3nbXzl1ib5k7_Ki1HkPojWGnp_jYXJlMEWpya1WMYjnF1XiO9cXIUyrlJ7bRCCgyonAWtvu78LQtHaHUzbmsJUlLfaivRrYsMbRoFi-ZxXN0LRrhsmrCIZtmSFVIdQfFPDly8H3kEOj-GvRipa2c0q_vi2a7vxBZjjn2yo0VgZjPNtyF-_gxt7GosAED5OAnr9-DLbGV1Tp86TGUCxf2920dPi6P1iSdz67Mh1eRdq_YpFJR4nYxLQaxTtb97c44AabTkLIYmUCBUEPM4zSgeEgsqXUeIPFZoV40xo8pHCc-QTDHfBD1WWizihthF19OLUvXp1t8rMm4gIxIHu9VATyyJH20ArfCskX8Wyth0FcsYN7eKYKBX7UKYlAIJCTFlQA9mQj0C9lLHsD9t_is4MeGvkoEdVK8YyqoiWs3B-3AYV1SuhDwdOpZJZTe3QCkt_8p8JTWR6qtugAc3IJXGBGYewJfj0SK_d9Xbm3yaqldjeIu5YcCCY2ZKwiWaULX8Bg4tR3zSErFIT9KGhp_3yMBZwRTca71TMUWiopNNd_RlIAs2NQ5U0S666MPYqkhLrHtiGd4P9QeUwfpuWn4nJe6R0z-P9UrOzkDA55kwn-TClE6WdNw5effvCPNTwQuxpCabT97CZZnuHLz9QHxHqS4QCrOwJpGsZOxHOeOVsxqxPZjA7ySqHHT9VuNwJ3UDpkG5XlVsXyJ5cPRU8oRR7SRs2waexEvlehS1rSMxG9vTc0PgJRMuNadGs4WdS4tMpgAVGn29Oqqo-N_XR-J06a8zXJ8RxjdbihIZNZSWC8onNNxKV72auUOt74OvV1q7TUeuqaP9AZtGbWCUG7Li1E94ueqfr3mN62HlV4Xz4h48gr_ReaUnwgMCxqAmsSm1_5PaXq4DqSMqFZTtN8k2O_iYGT1Zvd0KabsYnHz3yXeAAUtIvQ0Sif7JQmvvxmwVUS_UecYjmcgiw6tKGeN3WspyAy5ZX31PEYogKIYuZ_k4pjy7WqZiy-OfPjzgU4sIvBGOQ79LcfgPIJ_fOmSC-0hoIAJ9yqAoSA7YuYf26oTpdhpj-KF6o2ZtZ_EfJ1HxNjDHJ_ALVhef2EGyVurVgmCzLfdQmFhBlXrIYX_n2KPFcb7Mw47GBlb8VlDI8V9Y7sdKpW1Yh5M_8TUv1oAAUl0-clPBza14t5dV1IQA5Q6ixmjrGmPIgFOUbsmTutMVk48F6SvaSYPgtKVP4Fd69PVVLIycZsjFFx2xODKh84JXEtQ3RKEvAJ3ql13HCznEFt1fQS1royelBYQaBv8lSybUgCR9PSHi0uGmWlu4VUuKa6Yva6li25hn6Ve2Mf1io_7Xt5YG29J53abyIxZ9YVga37r9lt5Wlni89VxZRAuPCpi8OFa7wkvWX5ALIjj3MBGmx4pEM5Ex4fjPEl5sMdssJdp3SOUY9uswh1gygrMmmU5ndBu_fU4rSIvEJurJiE-PJqxmY-0tyJu9i5wYRrkYnlTAwblNdriuCgaVoL6SYPWzw9O999ASbjeRD7POPSSnDO4PB1CeHOOnW0bNHajfqTmXxxN_1HmI0WxISKDh2Su4As0CYyZwrkTBts8OMG5_KFK7FMyYl8D7dwia4EJQXOi1-_NNK0rAM7b_K8UeIhOEfEvbnkkMKo7o&cid=CAASEuRo1AYB68kc9wK5nOJBbODohg&rfl=3%2Chttps%253A%252F%252Fytro.news%242%2Chttps%253A%252F%252Fytro.news%252F%240

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d2b19d59ff4960e39d24ae180cc46d82a1d972e34c47bb5b9b3978a309a7fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13880
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 5B4E 3 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 09:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 09:58:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B4E 120 KB
37 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 5B4E 14 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 10:03:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5B4E 0
0 21ms
21ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrApAWXwqmep_-KInSOxHmepQ_AlFhF7ZvrNDNbtOHL3dZ6rvS09jaJ5HN4kjjDUTqA0-jsH7Ob_v3aoQXqEaV0VMdZQ
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B4E 42 B
173 B 40ms
40ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BWOb378N5Y2XI6VHTiQkVEwVqnNzUTv5axTqfaVhhgDQIQHj3csleeNWIRu4TcpJVMFO8yf42-p01e8-Ffi1ZVvjsGTtqn1Yl5QZi5lvhQmx3CE8U

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4D86 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H2 200 C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D6C 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 17:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13263
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 30 Oct 2022 17:00:27 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CB27 640 B
363 B 20ms
19ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNV8Ck0taxEE8XzgmP5WECSXZ1rJkaCCqttrymh-srFMxdLfUDFo1cNBlYUOnJLxXsg58S113fjHcuU2SkIyDUDVf8EohhZRkwFMFpjJ0TTRp0yLy848RrpHKiv_2BAW8-mqfMS9jXjN5dUOyPBijnh6DCFtmUO9dX-GYmz5bYKjiWQUppo

Requested by

Host: fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com
URL: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 31 Oct 2021 10:05:38 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 21C4 26 KB
14 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOB4uptPih88gjMWFeW6PNRWoX7TkGHaoL1h3Z-YwQoWYLZPiJd5wTQmB_cirWsYwyV2UvdaUuYQF7d_BgJPkq2UvEGKGilA5oDfCMgdPWmbjDIGUCdBMlzlNn3O7DB50V9_j9C_v338RZ47dEMb5J0FjGyQ&cry=1&dbm_d=AKAmf-BVhyvgA6qzB6rzjFpUPKw-RFWIKUFUOp5R8Z_93GgUKXoeQl4Bizu6muTUP4m8v1VFlM_lV8Iij4Xbn3oX7fGzMD5yFTFSLCP-MJLDA6iLoYuUSBI3J6DI5wbm8AEXWyY-D7kBzYtoKn7YTl68pb0tD5uEnji-UDZEDy04G30BV1EnLRcu-DLOGruFV_k6KVzkWWFb7Zrc4s2MrO7Qo6YZ4TSKkKbatQxQSmEY5v2OtRM7MbWi1blW_1FRxlJVnJln7cx0JEZ1jDFRWrgZEqnUUdKQp1zw27F_Ll0PQEXVbbfR8sIlSvebCYvbpci633m1luMOIImDzQ_MnFK7cMlKxJMEyVJf2vQ-BJl7aYRCtSGceumhbt6WMMn2qjlPneI0rKq5uFT4_CRtv3tH1fjtvofhUgkBzX8UELvpgr8sLtXAH2l31Ud7_Bdh86o37Mp20BUlZUn0maeSPDMBJ2xXkLdnRm11MtfHgC3jVv1XpGc60PbuO6-Xec9Ccu4oO1qcm3DKO7JBlPHg_F_CxcSgxhDTxaXlcwzg4-0MuioeBs1osZk7ShyS7Af1fzUUESH4cC06guo7V43TYRZkGNkH15Dua9Q9JeiodoMGQla06ebKYlqFn8CxHJ5EsHTfjKtyZCYnEZ7T2jsJ0_mIzHasZkbqRAunhTx4zKThonc_nE297UvsNn851pubq4GWyYQtWq80GIsNv1BuoBZA7BbHe2POxLcg02WhMER-ehdFm0Pzd2gTypXTti0RUG3gYmgqpNuSKBAhunXlx9MXaTLAwzI6a8XSKOQhZd2cyPKHtJG8he81SEodAsu3vqluQv03ZI0GSAPMTX3RK5uH7sdIe9Vn3Mf4Xldh4whMqnAp0e-ugshJtpsHuhgyRD9NLLbLj-S4XO-_1hcBpX8gv1IYn-uMDcQseNyvlcUnrLXn613_ddAYWjBKpvesbo7POd9W8mhtCj8OmPCjjFhk8cHGm5X2u_vgUlgwWcS6uefZ3irUHP6LlAz_wVMKgOTf5bPTiqtkclNGMDRkfr0s5CXaIqbxxxJxKghagNnlsha281OA1TELfqQicbkl_WHlbEIZxdwWzy7sdDNttDHyjG4DZwb6wFm5j8VutA_SWj0yxJC1WxPKJ9TlT8aEkbmUMue5TmqzPOUd4gUg9FrMa8vCAbvZbBx7OKnLdkn2U7lguPqf1u-yiM4hLT0Sh_Hc0bh5d4qT2Bi1tp2Xq-YjlOrhPoBKwjcLWonZ0ISYZDRyKi-4vDLi15iD7e_CnBvKH_FJn3qzyubgTjIU0UjmUZ1OXLFTJVyb9-8mXMLuoorNJXqs3YeASxLOGeKgvXRkAeQYmlClyYhVY4-VuERKV3VbmpwQjuOATcDMJYlDCmpr0aPXRwJOJvwckkaRPo0mbo9nqQJ-aPwsIcjInOPsSvA99DjnDeXhADxMHkszp2-iWp1yC8FXEA_dcKxa1n5JXcuOBfn80x2kPPYgQJPCJGa8sGQty5n7u6O6KmoUmwKHuhzKH4ehMLoZpAVeaSDju6bATN8lcefQk7dZmjBoeCT8bqrEMs-SsJM6U7_1UVfr6KymkpxHylxmM8BAfH1W2aMy5mk0imxUeMk-vyOgEHtqqPEQKwFVOEND1vtQLuUWkljOOnPoqRsK-lpToCryZWGhQlFCg0TTVFf-5_RDcyDxTdWixEL1631WK-SB7zsjh475wIv5D3j8mhvH8LFyLjR_6Lzu5POKNS1QvG-QdzAcX_w1cSAseZiFclvQZ4hstFVfbf4NHPL4Cttx7TiZVFW3x4LUwVnnTj9Bo80OzO-vi6jT-rasT_qsoccMbhuja1z28UWUI_kyjHwvvcr74Drjhwnq-Bzp1sBbbx2CWEFhIAjqjcW-6ZKz2qE3ZnP6BVW1g8b1R-GctgO8w0xswMo6Tk96UUog2GlZIdlISU6Cxp9vSVromzmXm8C6cUsTv4oj5_Ezi352K7tTJDp3Y5YYIs8JKLNuXylAyoIkrOQlmL1v4bztszR3yqaECYIbEPXPcpqe5SEgmr2LvkuDG40owWcD_9pZaMlytjvgXYIBCDt1VSC3XyH_7dHMreSlQMyii5SDISZlNetmPAyi0j7WdOK78zvbG7p2hV4j1b9EuZ9ZauuyDkRIIys5kDMMqRtvB2HbqOgRV9AxxvaOksgOjqaxTXprW_lKBShWE7Hfsd2wWDefG4aVd16eTkjAtYORSp9irZoaRoVyeIQqh5QsTYmozqGEaUzWb7wYdZgoZCP-7OLfCHSGcnlfcwuesqlIFNKouUzvAMpOUzJHyJPmBLre1QR_bwJ10JXqj06WwFEek--JyNOU1UBX6szpxC1Y6VVjb_RTDSegbAHC0PnBLYBxt2cUruF_rHdzsrHHBNxYrSOMsh9VrNLIxy9-0BPivPexcOnGQNWJRyrhQ4x8uWZIz_jvpTeKO6BIVS51GtZoTDQpmiHoi-5JaQRoDk3unEYYpLWwq9G0BPJk7JY6ueaBs1AaH1KoaDbDtE5oAiBUt4xf1yXIWyv9EJmFYcTeq8BbYG_hc5DQdBwJS98Fgmyna-QotxBY0jtEf8oloitafjvnDI0t1oZa3prUIvULRc4_qKH0UCnGCmjMRK6FuiaSxAQB2U3eQPgHxifOHyIkhQ-_QLjyyWlxogB9hPdOhdDLx-4PZJNHVOXtyhVCq92KHtcOk-ldS7IiJDZm1OWeMu54saYWsgN-rlJxvlj22gtWQGVnVN9x0nSn-7zTyFy1wpQJyy3WjRcZvqgwoO0yOJpzCgmOuWHS-0mM-nYFMDJ0T32LKSDkDxI6xjR4V9Fd-DevgGSeLmUpTxuYogglKtw-o3OxwwEHY1r-IIJTREtRunVPLWZaHVYrQfrxOzH_DA2JpVTmoEGSI7BAw-FZfJxskP4dTqUXvNLQJ2Ecxxmyameois5AkMzeo1wo_CqbBgiNs4OoGMBm9tzm1EZeEk5LmvqlPTVQAcRB0dLhsJHKm6ginfVVJxpfwSYFCHl2yRxJyQopqWlxDo-_NHVBLgMnNLSLAPN28HJ0m4WQ7fzPpp4XFzHncWIoKlZUqkxbovSUObF7D24pfhjJ96hffULj8QEUY4MuxyLz1jJu0YR07t5FB4ifCFUiTSVs8z0JMkHRg__6ZL3yx_asPNG1EZcs3W_DFb8c69RvtHimVo9VcQLZKfqRY36PoVeaKr-9Nzk2YShAQLXMr-cVAYs_qFLjxt77EIZSJPnVZ0MplNtuMTcMJ0MnvS6izERcdfXOgnqstCAU_qNSwul4AOAK2nQAr3ADMUZStJkMLKT0fi6jVNfMEwnJY5HFOOHOxUoecgsvdLJA6N3hBIZU9gNCxjzbFFhJA2Epo3wn5MsX26zhwR36vC-2HswfnmXQ99FJTMF0NEkpwOnRScuQrefye3LPqyDvVNdYVZuBJulmPtUJIeyDMKZcewqVMlhVQa6q&cid=CAASFeRoWNsefSHZZe-u0BT9D0tgF9nkNQ&rfl=2%2Chttps%253A%252F%252Fytro.news%242%2Chttps%253A%252F%252Fytro.news%252F%240

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b00b995e5bacd71f8042e5da70f38f32c374d4d1055c112e8a1662d72deed67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13805
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 21C4 42 B
107 B 41ms
39ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C8HnrjNKITkMLJLj7oz7Q8rwJeOkjZX8RyAIAfFdL60_Vp2ftoNJ1DLNo2sWT46RHev-Wp0JSehikCCU8MiF6lgh3eLRnPwOeNkb6xkyAXOYrWr0k

Requested by

Host: fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com
URL: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 21C4 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com
URL: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 09:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 09:58:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 21C4 14 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com
URL: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 10:03:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 21C4 0
0 22ms
21ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4qer_d0EfVcPppi4hLxTSlCQ11UyjjANGCsxxmjTAsVl4Mm3LeTvhMSS_TnZ2cJ4m1Bc3ceaPT0RjqTwaKipyE7xX3w
Requested by: Host: fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com
URL: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 21C4 120 KB
37 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com
URL: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4CE2 12 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 30 Oct 2021 15:45:52 GMT
expires: Sun, 30 Oct 2022 15:45:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 65986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 950F 783 B
737 B 25ms
23ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4add0429905c9e5beddafbb43671f992dfe86cc84c4f9a7d1d0ff50f91cb17ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1DmoAOZq6MpPcTcTuAbUwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 31 Oct 2021 10:05:38 GMT
date: Sun, 31 Oct 2021 10:05:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1DmoAOZq6MpPcTcTuAbUwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4984 107 B
165 B 325ms
23ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4984 107 B
165 B 23ms
23ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ytro.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4984 86 KB
34 KB 222ms
221ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3012842546461920&correlator=2602173343327706&output=ldjh&impl=fifs&eid=31063312%2C31063318&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211031&iu_parts=176990977%2CUtro%2Cutro_dt_300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&cust_params=rate%3Drate_005&cookie=ID%3D2cb4005bf3187585-2286d0cc05cb0034%3AT%3D1635674738%3AS%3DALNI_Mae2GGrIytKCBAFStSDO-D8tQfPWA&cdm=ytro.news&bc=31&abxe=1&lmt=1635674738&dt=1635674738716&dlt=1635674737778&idt=885&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=2&adxs=1145&adys=3131&adks=1284509166&ucis=pofwr2m7gb9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fytro.news%2F&top=https%3A%2F%2Fytro.news%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=301309105.1635674737&ga_sid=1635674739&ga_hid=365510017&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

1b44d1301853ab659d9bb700547ab0277ad55323998d88346dd296b32a5cf063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34933
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ytro.news
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5BE1 6 KB
3 KB 69ms
22ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 31 Oct 2021 10:05:38 GMT
expires: Mon, 31 Oct 2022 10:05:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DB44 499 B
381 B 21ms
20ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYsqK9lQEwAQ&v=APEucNWuh7JLNOtonHawDK69wyFi6k1S2GQvJ5qRjSw4oQE7Q8cTld4Wk7aRqnmLBI8JvjfER87wzGq14oBEW2Cgsphvn_9XbO3q0fXNFqW_PxHfYc-WWhOIbaHuHka5ZhNdaDMYX518XUGcxIy24Ptvacqi7Zh8IBCvCbBDqqov-WYAqO4nUaY

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 31 Oct 2021 10:05:38 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 942C 26 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DicTN1MkKdJGpqXUUSjuIpPhCoD36BYQXyQ9a4qVcGg1mLVcndnfXQ0Qt0nvQcDn-g6L4X9hsvCjQBfTwA4eOtSeqyk7ZTE4j-SM8OHc5Ue9JAb_cV1l1Ytf5cppg7NgJmJuqCkEJg57zmekHGqjcUG22yAg&cry=1&dbm_d=AKAmf-C2HI2J62Zc0bl-3Zo8AylvLRwuQbEgBAI5Ea321vtEjK-09KpCB0EWuP85qNbTwBlhlDwZQRl7AA-e5Z0ZxnKTaTJsOLiOW9IfrfpREvAxvWwCF8ZI4P-iItEOWZxc6XHGbuu0ZhqpghdqnmoTE1FnUALyxK1f9reWllbLX0BQd-cRUYJznTr_NL2lLudGtgdOQakN0iEykMilo1O8dkypz7llgvs9QSgk848IE2QK1BHTcKJEMe6VezSqo1_hoTPim45Vqv1PGG-4UuAHQzet5nYLWhW4AHkgC9eqMVxtT_KkMK-OqR6cPGwxXpwQT5YPBp0TokItJH3gH7zD_tULDSFG40YSSxA6-z7MAqcgb7fdQZC-N_CDWoBGnU7mDVmxS6GbyZw8E48iU0CM-3o9V5ctKvcA-a-QJRJv9s_Wu62C2Rkxm6aobn_HctIm0U-o-bAiH3OEbicpeCi8OZ6axQNR7I-cz1t51lWH6-3UFcebZpmUSG48XlYlimQQnPsV1JTLOlnsOsyIkGc9Dqcm0ouRujM1S27Ub44N1JrjMEwvEqDjr2a3vDDeXuNVaJi2c1Id-ly48jqGX7BR86VkgkIm9uuuzV3Rz9tl556PYvEf92AOZQsgPT9jyyLVTICoeV0VspjbDmu_ZzPV3NSmljwGRTYeg1MASMwg0GQ1Nnc83Ztw-OETGWrXj7UQwin7SsmiH24k5mGCRaZ4x6kGSw6D2gD0_wQqRXpNofK8ixP79su6kWEZvqJY_3JsdjZwVrA7iEg7jujpLEiBIhR4E6tYZNcsfuj-eYyvv3UsuyFOwO5dwcnD7ryOR_pMQXoS659Dr1L-Df5tkOMjFzNp53UG3FiCdzYQdUpsEhCVBhl-LV0zNw_dc8KhRQLW618pSU54aB4V1sJ7c-x86q-6m5rqt9M4HHM5-Hb8N8HKySdRAakbvB5aBVdYVpOiQn_d3E8-3U9E-rXiUkidZSH2fpaAqsUg6xlovauhgvprvyM2G8AUDJ_6FEsqUK-xL3O6eD-W3w45N30ImrCG1QM1iAhpNoXTXMjQADSJd5KlSIHPT0gRAfWfYEubGrhDYWe3lH0qcIKWhK24CEW28AoLyIVDpba01oN78-e2-2WtJqiFQzGm-UOM2SjKwzD4ljO6f_7wXTIMKnDhfVis1jmKlLTbWe4TvcRRuyQcgQwq29Mjx7FN0wdWrXoaWiDizAzC8a0_xShmv6njYglBBYg_mRAGReXJ8KvTLoQp04dpJP49lExR424Epwn0jl9Kn1uSlb8uEHhr0DVQSsds-S4ZiSYYNF8jXNYs0bd1-GO3ciaRR0j5BDY5Zl4ckgJJdm0PmyrqR_Z3_zf0dQtB9JPvESnHX6ARb28dRdtdEsi1cPfgHCRAlls1I1kbI7X16ZYF6AyRMKI7fxQF0GaxvDWyU-AyeturzGiQyTzjyavGmnFMKbETl9V7RK1SHd0putebGdkeu-OBNVPDlCzSe60RyyeAvAaEOHEyrtVb45CNSfrGb8RxwoMXLeq7Vn0PChwc_IFPAv0hbrwI6qGOm35aJR2E4yVH6Abexwt1-DQWJgGFcgvod-rgBaZBXp_mlhN9ak-8ZI3SsfOU8N-3OdmnA8AZxC3Jb5GB0yL_JeSOU-cPIhhJNV6OjxRjO5v_zIGK8gRM-jpPtUowP-mAuaeF_TB8ePYVUeKX-Ck871qnbSeMudunRG8t43Wmc_3YklnucsdjlGtpn9oyY7LqMLm9XmC0HYwHmJFcOlU_hTZZcHYg-8TmR4UuRWoYUa7MC79QhDBw7U4hsnLO0T7lwdkWKjK9ctnXYMnZSNQlG2bdUdkMGrmLYYmFnCUBJ0zeyEEL8aWmClVuhZZ8DU0Hoy6rjHsSxEVtE3bIiFBS6kFTymMXRUOMg0oOLnuCib1FmKTK1JNF3M-TJldvMusaeFZ0JnJVFu6vsDqx1oRze8-vJRl3TDO4JG0jCvgqbm1bDOS3fjvJkOl6NFugykG27hS_hjA_FzU5qsy_C9N0NBYkrF25y3MrDoGQ58nsVFDqPs97iOS_PGWs5QkVHDq6dm95JACg6PavJD43p56EK4w4wUZMfDhq2f9Nbm5xuf60e8AXUG8a97AAlIx9R5Hd2Qi86JTuOzsE83puUWCwtJ6S_W7BDfK5uQIfRY-xn0ZBez2u04fssZKdX20bjXTgB1w2pBBaKQV82epUtgGm99-7OZYo1foYeR5izk3RqWyydaoU--lE9TnxdjD7qWc9yX0Vm_XVSpgVzkXcmACsGlWvdWr3eOJncvq57basY-M4CAzALmQDXOy1iPba8rWEB09cDw5clQPXOcbNBic3IdM7KFTCAx_bxVUX0rjzTt0mzb02VfRNgCNfSZEsHII7IGuv5CYRKtpCNEoFHxNc1XY7eZRJlMTR8Zl2fw4124jX02IMSsaJq2MOzDnG27kbujF8IwkjDT1-fuf3Xu2zrkeS8eEfeBkcYsPuWu3m59uvfSuAwPZkCnMS8667oLTuJA5QdRr1qIkGbsQ8t45SMI9QLakYqUI_RFpn1OJokeIPea6Iwy-7upMB_ygD_WEbPaeU1gNCOu5uHM3EJMJkzhdDlRLibufWt9zFScCgwXYkiQ0xMUm-AdMaxfC-8bHTd34zfxqDmgdNm6vabBFPhmtXyoA97NvfYT3FuR84csGKuhMuzeMrwOyJVufIDInibL7MWv7_8jyVOZU-b2WHR03GAF2FKupBE34iCBulcNymSjK5qw7JDmQZfummMbAlTknpeqIs6Fc3NpVl9tLrb2yfnPjyawPvI8URFfwDou3KT-FrfmjGtwUL0S5kDhkdDEdZbaBP7guwl9jwxpthUvH_vNp4XzqkHKlAYhHScmlL7xcLbeBKcBUe7tCMrHdGYrfB32dVrZgyjjq49uMhY1XWuIW-KxV_bp62EV-KNQPgbkp1AURyIRHEX9Zoicyg5kVHVq23TEvAjRSM1KP6L0zpfWPLlzH7S2UGRfI4cMiqctgEeBiK6S8LhCpF24tyVaLE38_htl1N8loabi_MaT7SKxJQSxLNLSAiA9egqG4Mg-VX15vqEA1dLSV7mCbMAHM6Kky74GfxHBWuiOs7M9kOEKXsLQFMgkGbX_lwIiPhZ0rNJzCDGPrizcUs7Y-3FRy5UF4e48huCYB8c4jRWKDhFxikC6-tSBj93Ax-dJ1e_7SqdViU1Lw_i330pDhQowv1nIjvSazKA-Q5msN8qpVe46Il4aFR9KQS2aYzn93eXq8-m9HtvEpsHbGqocukkpGdF4-QmIdhv5doI2iCeElQ7-Z32rpE0a6qlWaxU1SAG-RonmSjmGrmzfHO2AJtzmQg9HaJuLGoaXMBezg5rrItkht4Htkp7IANhYwWpj0jUT439XdgjhL2QvUs-xlMBTVW_dsKJacmh8qQ8uuie8ZtH9ZcyvI&cid=CAASFeRo6S3l8rOBcMKTrzs9vdNF75UNYw&rfl=3%2Chttps%253A%252F%252Fytro.news%242%2Chttps%253A%252F%252Fytro.news%252F%240

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c284ff50d86df452886949229d08cf2698dea3ca21354e9ad9a4b324a7177a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13910
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 942C 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 09:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 09:58:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 942C 120 KB
37 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 942C 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 10:03:43 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 942C 42 B
107 B 40ms
40ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DudcU1DKkViL1Ap7lzN5MDAA39WCH0XeNlXrA4ZkIGdwMdtv8FVdQ0YjNknLvvVaBIEM2PJgb5qkMKBz5qcSMLl4qDxArSnOs9KHaL5AhYgHwTS3c

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F117
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5q1ZXrFHRH7AovCYXXPVY&google_cver=1

43 B
1014 B

42ms
36ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5q1ZXrFHRH7AovCYXXPVY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNW1A47ost5-uUp0bzqnQo0Cqx7Ac2R5fK60ViH-Fh718BdHAETR3tS_2BhK9N6zKxt022XLTR50vrWZbsHGo5uctZyT9fj8cqwpP3Qmn23ATHx4C0rAK96ptUtQ9ePoN3_yOShvDiECxvgJ067u9vbOCb98oiXT2wCXLf89yD2XBvq8Zto
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:38 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 31 Oct 2021 10:05:38 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5q1ZXrFHRH7AovCYXXPVY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F117
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YX5qcr6t2CdoFiWhiaR3UgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5q1ZXrFHRH7AovCYXXPVY&google_cver=1

43 B
1014 B

15ms
15ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5q1ZXrFHRH7AovCYXXPVY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNW1A47ost5-uUp0bzqnQo0Cqx7Ac2R5fK60ViH-Fh718BdHAETR3tS_2BhK9N6zKxt022XLTR50vrWZbsHGo5uctZyT9fj8cqwpP3Qmn23ATHx4C0rAK96ptUtQ9ePoN3_yOShvDiECxvgJ067u9vbOCb98oiXT2wCXLf89yD2XBvq8Zto
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 31 Oct 2021 10:05:39 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5q1ZXrFHRH7AovCYXXPVY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F117
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIyhUl4A0x1M7EVN_awlyXI&google_cver=1

43 B
1006 B

22ms
16ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIyhUl4A0x1M7EVN_awlyXI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNW1A47ost5-uUp0bzqnQo0Cqx7Ac2R5fK60ViH-Fh718BdHAETR3tS_2BhK9N6zKxt022XLTR50vrWZbsHGo5uctZyT9fj8cqwpP3Qmn23ATHx4C0rAK96ptUtQ9ePoN3_yOShvDiECxvgJ067u9vbOCb98oiXT2wCXLf89yD2XBvq8Zto

Protocol

HTTP/1.1

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:38 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a2ce50c9-76e7-4415-ba37-079317f1c859
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIyhUl4A0x1M7EVN_awlyXI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F117
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk2ODgyNTI3MTIwMTI0NzE1Ng%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk2ODgyNTI3MTIwMTI0NzE1Ng%3D%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:38 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2e8a6d91-e734-4b2c-9789-d07b43cf230d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk2ODgyNTI3MTIwMTI0NzE1Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 5B4E 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCq78oPGljshZjiaZW86CWMDwDQvFatQqzqGMB_8or6TGJUgkLkkFjPn3vX-exxfHuqzi7ryr1weuru-djUhfSSckw1xyyvpj68CwaLnHUx1HT8bhmmEJNfHCFUcW07RErcldMIbfuNX3cBvKJ9apQVdV-oA&cry=1&dbm_d=AKAmf-C7-Kdl-AclTxG6Qs8QOdbAfTdezCXl7-E8OP4QJiz5Sa8HHFN1NKqesQ9yt87DUPUcTb59DhklZWgLl9a8Q3o6BFsbImnkCfO80wO1rivnJmcC7ffHoZteyQqicHWsBtkyDrZmdZAuhKwE4fvcrmnUlkDm9ITRSBouDAglCcsH7P7HyRm9-p-IY_XJh0ysnxl0x1UqglEtfpd6rJUeiTLKAdJzPVyaRrIk-FePGP8lP8TD0R3Fu8_xSmsBqg15WXSnFW7jx8Uv-Bgm8_D5yJkOI0QvH17Q4qNM3b4UFTtqcP7dU_Xc6y8rWpOM3Uf20UowevBvGY4Z3eYkRg1jOA0jh0itT8E4Vu1-v9HwrsFMtlkFr4ykW2ei51aKLS4VV6NIGtmkopbtR5l1ybXmONp2R0oRq0cpJVo0b4bZCwR6UGWHLhm-RKqHj604mIqEUfCxx7HGahfJ9vUqNBFDVsKZ-EVWvot8wSwwESpSlG5YTk_A9pdVJ9OnxZq3oIxLEJ8kdzTvQ8l6BIiUzJVo9fWPOfDqEJl1jiwjHG7OLOtJ07nxQlGEy-4LkgdONCagnHmNMpSTKKyCRiqAADPAqIFNwSGK_myr5sqZap00RvcGNIyoQZ6eoDgkPgiMmxp5zvAJG-Pmn3CPG87qVKEvYqeEprowEm7zZ50WYuZPJ8Q_w5LlER6i9ajz49T9H5b3AHRJmoWYWG1F-ht75WTMQYn_BeUVZgQB_0yBpiQe9FK2BoN3w1OpXBBdIJoz1h3vxSOyj0FhhT9V7xF-YzTn7uTIbmZLAH8QL1xi3ynXBzunHiG9Ni7R53k6JoaGN2EokdXPg2YSXgTwMIMA7rLhoOSrSt1QOyVEsOTm4DCW-_FFObKhr7rlXkCKOAdTN8ImnfFeMIn_uhXyhYR-yTbIRsQXQeviPiyIfVUnFQx2rUFCGtFoB30RIZsvllTBZxcQzAa9k2o6TP9fqJqxIvC8WpmDg1c-Qfmh4mXZzEmkhoodUY0W_52bQc_P-WXyxiYuq6wXud9ujy8kRjxCwu_sSiunJClGlMA-7SoFh3dlm8076dXbi7n8qYlnMGTq2MrnmwwOuGLC5jw_btzGY3WVXVNVUu7Gg0XM6ZuOgTINlpYeWCWBPqlhf4mIiO76uheoaDVXK5s7QgWTcvyHOYfeT-s9gXB5IIhK4CDK3vEPtYQ6HmUsT34JWQvaGBqMD9qLIXjse-dNAoPdkDfqIXO6SRv3_wLWgOwryVWC0_RPSZG6Jl1nrXHQWQ8l5pkBVITRKGCg0g_6_Pc3bzeQVtEm75QpaiX550jxaM9aGhbRti7f9go9-4eFk0uckf8zG2d0gEwN0ROoZwevmaWlNIp7dY6BR9DXgxTKTlS2S7f5GYfoCOeiU6XtcttFaBVUHPobciDob5gSU1c0b0leBfmbhBTS01Byl3lQpWsSHdttVgjD0o4XF9Wdaxrrl0I_wkNl6GT1z1BuiGVAgkj-LbD5FuJym9E7ZMFnP5Bqp9pcOezblGiA7hoGLGGdoOqz6K_m_2jhRf8QWkb3kEf1badKhBzaOTrRYSe2TND-bhFw43IvLGQk-wv06A-opBRKk0XcHBtCfLLC0O4pkXqKte4CAntiSncFSIqOf177utgjXlU0t1tFggCN5JIQK4X6-n0_craUhfrxXmQThGhIrukLrVFyJxMg_1XSQSbNCxvb3upgmUU4yJT2t83klM6ytccDmTLlYVJr3rFUeQzNKBsdl2jw7Nxz7cd7roUhOucJln5xw0TShHoaeaRtKnB4vnXXcoD3CTXsjlWFlPBa89TB4BIqr3ZMTz1S_MYigEXd9z6MiV6nyXYfgPzT0Ph60PdlMr2h1I0Zy96HULCuop-HIIpfqk3ai0DG7oPID4oQ7Yvg57WE9jZpVHtW8bEOi31V0zEQLWaT3Go3X7jFRMTiLn6LrFNE_SXV-jqYMdN-bETfEDn_L3ku8k3nbXzl1ib5k7_Ki1HkPojWGnp_jYXJlMEWpya1WMYjnF1XiO9cXIUyrlJ7bRCCgyonAWtvu78LQtHaHUzbmsJUlLfaivRrYsMbRoFi-ZxXN0LRrhsmrCIZtmSFVIdQfFPDly8H3kEOj-GvRipa2c0q_vi2a7vxBZjjn2yo0VgZjPNtyF-_gxt7GosAED5OAnr9-DLbGV1Tp86TGUCxf2920dPi6P1iSdz67Mh1eRdq_YpFJR4nYxLQaxTtb97c44AabTkLIYmUCBUEPM4zSgeEgsqXUeIPFZoV40xo8pHCc-QTDHfBD1WWizihthF19OLUvXp1t8rMm4gIxIHu9VATyyJH20ArfCskX8Wyth0FcsYN7eKYKBX7UKYlAIJCTFlQA9mQj0C9lLHsD9t_is4MeGvkoEdVK8YyqoiWs3B-3AYV1SuhDwdOpZJZTe3QCkt_8p8JTWR6qtugAc3IJXGBGYewJfj0SK_d9Xbm3yaqldjeIu5YcCCY2ZKwiWaULX8Bg4tR3zSErFIT9KGhp_3yMBZwRTca71TMUWiopNNd_RlIAs2NQ5U0S666MPYqkhLrHtiGd4P9QeUwfpuWn4nJe6R0z-P9UrOzkDA55kwn-TClE6WdNw5effvCPNTwQuxpCabT97CZZnuHLz9QHxHqS4QCrOwJpGsZOxHOeOVsxqxPZjA7ySqHHT9VuNwJ3UDpkG5XlVsXyJ5cPRU8oRR7SRs2waexEvlehS1rSMxG9vTc0PgJRMuNadGs4WdS4tMpgAVGn29Oqqo-N_XR-J06a8zXJ8RxjdbihIZNZSWC8onNNxKV72auUOt74OvV1q7TUeuqaP9AZtGbWCUG7Li1E94ueqfr3mN62HlV4Xz4h48gr_ReaUnwgMCxqAmsSm1_5PaXq4DqSMqFZTtN8k2O_iYGT1Zvd0KabsYnHz3yXeAAUtIvQ0Sif7JQmvvxmwVUS_UecYjmcgiw6tKGeN3WspyAy5ZX31PEYogKIYuZ_k4pjy7WqZiy-OfPjzgU4sIvBGOQ79LcfgPIJ_fOmSC-0hoIAJ9yqAoSA7YuYf26oTpdhpj-KF6o2ZtZ_EfJ1HxNjDHJ_ALVhef2EGyVurVgmCzLfdQmFhBlXrIYX_n2KPFcb7Mw47GBlb8VlDI8V9Y7sdKpW1Yh5M_8TUv1oAAUl0-clPBza14t5dV1IQA5Q6ixmjrGmPIgFOUbsmTutMVk48F6SvaSYPgtKVP4Fd69PVVLIycZsjFFx2xODKh84JXEtQ3RKEvAJ3ql13HCznEFt1fQS1royelBYQaBv8lSybUgCR9PSHi0uGmWlu4VUuKa6Yva6li25hn6Ve2Mf1io_7Xt5YG29J53abyIxZ9YVga37r9lt5Wlni89VxZRAuPCpi8OFa7wkvWX5ALIjj3MBGmx4pEM5Ex4fjPEl5sMdssJdp3SOUY9uswh1gygrMmmU5ndBu_fU4rSIvEJurJiE-PJqxmY-0tyJu9i5wYRrkYnlTAwblNdriuCgaVoL6SYPWzw9O999ASbjeRD7POPSSnDO4PB1CeHOOnW0bNHajfqTmXxxN_1HmI0WxISKDh2Su4As0CYyZwrkTBts8OMG5_KFK7FMyYl8D7dwia4EJQXOi1-_NNK0rAM7b_K8UeIhOEfEvbnkkMKo7o&cid=CAASEuRo1AYB68kc9wK5nOJBbODohg&rfl=3%2Chttps%253A%252F%252Fytro.news%242%2Chttps%253A%252F%252Fytro.news%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df660fd3ad4168b7c32eadc3b588ee90334003a7ea1af3299536be4e6697fcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9375
x-xss-protection: 0
server: cafe
etag: 6887285106501176819
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 10:00:36 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5B4E 41 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 14:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 28 Oct 2022 14:19:44 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 21C4 24 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOB4uptPih88gjMWFeW6PNRWoX7TkGHaoL1h3Z-YwQoWYLZPiJd5wTQmB_cirWsYwyV2UvdaUuYQF7d_BgJPkq2UvEGKGilA5oDfCMgdPWmbjDIGUCdBMlzlNn3O7DB50V9_j9C_v338RZ47dEMb5J0FjGyQ&cry=1&dbm_d=AKAmf-BVhyvgA6qzB6rzjFpUPKw-RFWIKUFUOp5R8Z_93GgUKXoeQl4Bizu6muTUP4m8v1VFlM_lV8Iij4Xbn3oX7fGzMD5yFTFSLCP-MJLDA6iLoYuUSBI3J6DI5wbm8AEXWyY-D7kBzYtoKn7YTl68pb0tD5uEnji-UDZEDy04G30BV1EnLRcu-DLOGruFV_k6KVzkWWFb7Zrc4s2MrO7Qo6YZ4TSKkKbatQxQSmEY5v2OtRM7MbWi1blW_1FRxlJVnJln7cx0JEZ1jDFRWrgZEqnUUdKQp1zw27F_Ll0PQEXVbbfR8sIlSvebCYvbpci633m1luMOIImDzQ_MnFK7cMlKxJMEyVJf2vQ-BJl7aYRCtSGceumhbt6WMMn2qjlPneI0rKq5uFT4_CRtv3tH1fjtvofhUgkBzX8UELvpgr8sLtXAH2l31Ud7_Bdh86o37Mp20BUlZUn0maeSPDMBJ2xXkLdnRm11MtfHgC3jVv1XpGc60PbuO6-Xec9Ccu4oO1qcm3DKO7JBlPHg_F_CxcSgxhDTxaXlcwzg4-0MuioeBs1osZk7ShyS7Af1fzUUESH4cC06guo7V43TYRZkGNkH15Dua9Q9JeiodoMGQla06ebKYlqFn8CxHJ5EsHTfjKtyZCYnEZ7T2jsJ0_mIzHasZkbqRAunhTx4zKThonc_nE297UvsNn851pubq4GWyYQtWq80GIsNv1BuoBZA7BbHe2POxLcg02WhMER-ehdFm0Pzd2gTypXTti0RUG3gYmgqpNuSKBAhunXlx9MXaTLAwzI6a8XSKOQhZd2cyPKHtJG8he81SEodAsu3vqluQv03ZI0GSAPMTX3RK5uH7sdIe9Vn3Mf4Xldh4whMqnAp0e-ugshJtpsHuhgyRD9NLLbLj-S4XO-_1hcBpX8gv1IYn-uMDcQseNyvlcUnrLXn613_ddAYWjBKpvesbo7POd9W8mhtCj8OmPCjjFhk8cHGm5X2u_vgUlgwWcS6uefZ3irUHP6LlAz_wVMKgOTf5bPTiqtkclNGMDRkfr0s5CXaIqbxxxJxKghagNnlsha281OA1TELfqQicbkl_WHlbEIZxdwWzy7sdDNttDHyjG4DZwb6wFm5j8VutA_SWj0yxJC1WxPKJ9TlT8aEkbmUMue5TmqzPOUd4gUg9FrMa8vCAbvZbBx7OKnLdkn2U7lguPqf1u-yiM4hLT0Sh_Hc0bh5d4qT2Bi1tp2Xq-YjlOrhPoBKwjcLWonZ0ISYZDRyKi-4vDLi15iD7e_CnBvKH_FJn3qzyubgTjIU0UjmUZ1OXLFTJVyb9-8mXMLuoorNJXqs3YeASxLOGeKgvXRkAeQYmlClyYhVY4-VuERKV3VbmpwQjuOATcDMJYlDCmpr0aPXRwJOJvwckkaRPo0mbo9nqQJ-aPwsIcjInOPsSvA99DjnDeXhADxMHkszp2-iWp1yC8FXEA_dcKxa1n5JXcuOBfn80x2kPPYgQJPCJGa8sGQty5n7u6O6KmoUmwKHuhzKH4ehMLoZpAVeaSDju6bATN8lcefQk7dZmjBoeCT8bqrEMs-SsJM6U7_1UVfr6KymkpxHylxmM8BAfH1W2aMy5mk0imxUeMk-vyOgEHtqqPEQKwFVOEND1vtQLuUWkljOOnPoqRsK-lpToCryZWGhQlFCg0TTVFf-5_RDcyDxTdWixEL1631WK-SB7zsjh475wIv5D3j8mhvH8LFyLjR_6Lzu5POKNS1QvG-QdzAcX_w1cSAseZiFclvQZ4hstFVfbf4NHPL4Cttx7TiZVFW3x4LUwVnnTj9Bo80OzO-vi6jT-rasT_qsoccMbhuja1z28UWUI_kyjHwvvcr74Drjhwnq-Bzp1sBbbx2CWEFhIAjqjcW-6ZKz2qE3ZnP6BVW1g8b1R-GctgO8w0xswMo6Tk96UUog2GlZIdlISU6Cxp9vSVromzmXm8C6cUsTv4oj5_Ezi352K7tTJDp3Y5YYIs8JKLNuXylAyoIkrOQlmL1v4bztszR3yqaECYIbEPXPcpqe5SEgmr2LvkuDG40owWcD_9pZaMlytjvgXYIBCDt1VSC3XyH_7dHMreSlQMyii5SDISZlNetmPAyi0j7WdOK78zvbG7p2hV4j1b9EuZ9ZauuyDkRIIys5kDMMqRtvB2HbqOgRV9AxxvaOksgOjqaxTXprW_lKBShWE7Hfsd2wWDefG4aVd16eTkjAtYORSp9irZoaRoVyeIQqh5QsTYmozqGEaUzWb7wYdZgoZCP-7OLfCHSGcnlfcwuesqlIFNKouUzvAMpOUzJHyJPmBLre1QR_bwJ10JXqj06WwFEek--JyNOU1UBX6szpxC1Y6VVjb_RTDSegbAHC0PnBLYBxt2cUruF_rHdzsrHHBNxYrSOMsh9VrNLIxy9-0BPivPexcOnGQNWJRyrhQ4x8uWZIz_jvpTeKO6BIVS51GtZoTDQpmiHoi-5JaQRoDk3unEYYpLWwq9G0BPJk7JY6ueaBs1AaH1KoaDbDtE5oAiBUt4xf1yXIWyv9EJmFYcTeq8BbYG_hc5DQdBwJS98Fgmyna-QotxBY0jtEf8oloitafjvnDI0t1oZa3prUIvULRc4_qKH0UCnGCmjMRK6FuiaSxAQB2U3eQPgHxifOHyIkhQ-_QLjyyWlxogB9hPdOhdDLx-4PZJNHVOXtyhVCq92KHtcOk-ldS7IiJDZm1OWeMu54saYWsgN-rlJxvlj22gtWQGVnVN9x0nSn-7zTyFy1wpQJyy3WjRcZvqgwoO0yOJpzCgmOuWHS-0mM-nYFMDJ0T32LKSDkDxI6xjR4V9Fd-DevgGSeLmUpTxuYogglKtw-o3OxwwEHY1r-IIJTREtRunVPLWZaHVYrQfrxOzH_DA2JpVTmoEGSI7BAw-FZfJxskP4dTqUXvNLQJ2Ecxxmyameois5AkMzeo1wo_CqbBgiNs4OoGMBm9tzm1EZeEk5LmvqlPTVQAcRB0dLhsJHKm6ginfVVJxpfwSYFCHl2yRxJyQopqWlxDo-_NHVBLgMnNLSLAPN28HJ0m4WQ7fzPpp4XFzHncWIoKlZUqkxbovSUObF7D24pfhjJ96hffULj8QEUY4MuxyLz1jJu0YR07t5FB4ifCFUiTSVs8z0JMkHRg__6ZL3yx_asPNG1EZcs3W_DFb8c69RvtHimVo9VcQLZKfqRY36PoVeaKr-9Nzk2YShAQLXMr-cVAYs_qFLjxt77EIZSJPnVZ0MplNtuMTcMJ0MnvS6izERcdfXOgnqstCAU_qNSwul4AOAK2nQAr3ADMUZStJkMLKT0fi6jVNfMEwnJY5HFOOHOxUoecgsvdLJA6N3hBIZU9gNCxjzbFFhJA2Epo3wn5MsX26zhwR36vC-2HswfnmXQ99FJTMF0NEkpwOnRScuQrefye3LPqyDvVNdYVZuBJulmPtUJIeyDMKZcewqVMlhVQa6q&cid=CAASFeRoWNsefSHZZe-u0BT9D0tgF9nkNQ&rfl=2%2Chttps%253A%252F%252Fytro.news%242%2Chttps%253A%252F%252Fytro.news%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df660fd3ad4168b7c32eadc3b588ee90334003a7ea1af3299536be4e6697fcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9375
x-xss-protection: 0
server: cafe
etag: 6887285106501176819
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 10:00:36 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 21C4 41 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 14:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 28 Oct 2022 14:19:44 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CB27
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENAyeQfjxA1llvovxEzXirA&google_cver=1

43 B
180 B

18ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENAyeQfjxA1llvovxEzXirA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNV8Ck0taxEE8XzgmP5WECSXZ1rJkaCCqttrymh-srFMxdLfUDFo1cNBlYUOnJLxXsg58S113fjHcuU2SkIyDUDVf8EohhZRkwFMFpjJ0TTRp0yLy848RrpHKiv_2BAW8-mqfMS9jXjN5dUOyPBijnh6DCFtmUO9dX-GYmz5bYKjiWQUppo
Protocol: H2
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENAyeQfjxA1llvovxEzXirA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CB27
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTdlOGRlYTEtOGFmNi0yYTA1LWQ0ZmMtZGQzYzEyMzMxMGM0

170 B
188 B

17ms
16ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTdlOGRlYTEtOGFmNi0yYTA1LWQ0ZmMtZGQzYzEyMzMxMGM0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNV8Ck0taxEE8XzgmP5WECSXZ1rJkaCCqttrymh-srFMxdLfUDFo1cNBlYUOnJLxXsg58S113fjHcuU2SkIyDUDVf8EohhZRkwFMFpjJ0TTRp0yLy848RrpHKiv_2BAW8-mqfMS9jXjN5dUOyPBijnh6DCFtmUO9dX-GYmz5bYKjiWQUppo

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
server: OXGW/16.217.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTdlOGRlYTEtOGFmNi0yYTA1LWQ0ZmMtZGQzYzEyMzMxMGM0
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame CB27
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFD6uwBupU3oaQY1ftJU8wE&google_cver=1

23 B
172 B

122ms
49ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFD6uwBupU3oaQY1ftJU8wE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNV8Ck0taxEE8XzgmP5WECSXZ1rJkaCCqttrymh-srFMxdLfUDFo1cNBlYUOnJLxXsg58S113fjHcuU2SkIyDUDVf8EohhZRkwFMFpjJ0TTRp0yLy848RrpHKiv_2BAW8-mqfMS9jXjN5dUOyPBijnh6DCFtmUO9dX-GYmz5bYKjiWQUppo
Protocol: H2
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 31 Oct 2021 10:05:39 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEFD6uwBupU3oaQY1ftJU8wE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame CB27 23 B
172 B 182ms
46ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNV8Ck0taxEE8XzgmP5WECSXZ1rJkaCCqttrymh-srFMxdLfUDFo1cNBlYUOnJLxXsg58S113fjHcuU2SkIyDUDVf8EohhZRkwFMFpjJ0TTRp0yLy848RrpHKiv_2BAW8-mqfMS9jXjN5dUOyPBijnh6DCFtmUO9dX-GYmz5bYKjiWQUppo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 31 Oct 2021 10:05:39 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame AA72 12 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 30 Oct 2021 15:45:52 GMT
expires: Sun, 30 Oct 2022 15:45:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 65986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FF9F 783 B
736 B 24ms
23ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e03235917b59670e1f368dbc1c82e13860fe67e00c3745ae4f84cc84d533d22

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0F8ozg8qXHbggF9zaLyAug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 31 Oct 2021 10:05:38 GMT
date: Sun, 31 Oct 2021 10:05:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-0F8ozg8qXHbggF9zaLyAug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK hjtkt1t9m63l Show response
hal9000.redintelligence.net/zone/ Frame 5B4E 11 KB
4 KB 46ms
13ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6e-acmp-YaHKD5OBjuwP9rSYwAKP4PiGU_Woi6TKDPAuEAEg1J-5J2CV4pCCoAfIAQmpAi6C9C-RZbM-qAMBqgSHAk_Q_sj46X928DPa1IxcWol930z1rebbJ5g_PwHiWuoMxUMT1pBoFxmwWheFcIaINVLkFssKXqPXc2bEvZv6O9cRyEGxZQ0vHnIsKzDTcD-vsf4niZShOTZ8jsoVNcOvspt-we7dreeVD9ZNuU6utLimchSyt2J60CEKjTzac1rDV6xHw4cLxKlTNRlv6bgxNdIkOjWHQ59dyKvpDDHS1jMbUIuAQDYHoo4aJfVy-U3aUqjnL12-fLJ1ZM52Lluabv2Ptodm02Mjq8OzP69W5g3mAKEItZ7Gl_AOmDs5EnMPcP2qDuiXfZ8A3Lxvp3FJXf-xSglte7Dbfr_GVJSbt7cTxBMhPGcywAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo1AYB68kc9wK5nOJBbODohg%26sig%3DAOD64_0_qd1psJx87DtNcN9184P0EToYUg%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-CRswRuOfR5Mo_KsTMOVLNq3FnE1-GoD0rZWf4u0hCH_RO6afpG4m9ZpjRD6M5rHI_BAOqmhmbQSPpDqgHqcGqmsccaib319mxIP42rllrRQBmBW1ZZUf_LQYBFb4172Qm8-SCVmbhVcpLnaL2bPLKTzcjaqg%26cry%3D1%26dbm_d%3DAKAmf-ADYxG-q6ZcTtPADTs-P0PIO6y7PAn12UXHrXhnHNRPcybllZyuBHUyBg3NqVDxbAlifGKJnBkqCFScNtlxnZxIBuAN0EQY5ylcTqQ7GNPz2nUAv69q0yT95khsG5kaFSwjOQaxkqBUsE_0uqP8ztGLzrOCk26oZ_Sh-T2iXzM3k6s1xrafCGX98eDFpO9aUzGkFjacC22C2qS1k7DFG2W7IYnFQ-1F8zbYXPpXasjH6MVGyfGR8ejPSstasMPY2tIg295rY9rYrO-qhkjV5Ja4Yqcj_n36aVoD6HMfGnPmpUAvffZ38_zsED37mlDVjQqXP5WcOylM7bc13q6Wsnd8XCdHe8Q11vQxmFU0RP__JSQPIxMrhr5H2QSrUXDW-Ck8zPHRq6xn5M-qLBFGqlLeWWFHbbv-cAh_RrUgoRKZmvkjCnvJ-1H-U0pb1PD8T5pcTrTz%26adurl%3D
Requested by: Host: e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com
URL: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 2fa5738a71dd6018a10876d5a5baa2083ef301895d49716e111782076ea8ed2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3932
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 container.html Show response
adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3B12 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 31 Oct 2021 10:05:38 GMT
expires: Mon, 31 Oct 2022 10:05:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 81ms
81ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=60714bcb1b188405&pm=bmu&pxo=l3AsM4U7Wl5wTsSxryRrRg2dznrV9jpCZRYe-RGIYFDfY4JswBstoIgk_llm0C1m36Dl1WORrvgWDkT5byZp2dQH21ezw0Z1HDMN-QvFVPkTKrxi9Jghf_8rVBo_sZUZ55nQeuxpadq8OSzF8S1pz9fjlA-0R2jYtJAKLZF3BHW-8oMp&p5=gfglz&rand=bdyqtzm&sj=sYptcAKSeU_BUn4ShCyZ7U8YxBmRvEFPdRSrNhsTrn3Z-LyODHTi6XYSAUMg&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjih&rqs=cdpb7u22bQRxan5hPoLhcNDnpgikGR2j&rtb-si=b&p2=gatp&resp-time=1149

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:38 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7A69 11 KB
8 KB 28ms
28ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7af34324dea0721c836b91fbdb2a154d53ce255a6a963f156d309c72db9d8375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8543
x-xss-protection: 0

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 942C 24 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DicTN1MkKdJGpqXUUSjuIpPhCoD36BYQXyQ9a4qVcGg1mLVcndnfXQ0Qt0nvQcDn-g6L4X9hsvCjQBfTwA4eOtSeqyk7ZTE4j-SM8OHc5Ue9JAb_cV1l1Ytf5cppg7NgJmJuqCkEJg57zmekHGqjcUG22yAg&cry=1&dbm_d=AKAmf-C2HI2J62Zc0bl-3Zo8AylvLRwuQbEgBAI5Ea321vtEjK-09KpCB0EWuP85qNbTwBlhlDwZQRl7AA-e5Z0ZxnKTaTJsOLiOW9IfrfpREvAxvWwCF8ZI4P-iItEOWZxc6XHGbuu0ZhqpghdqnmoTE1FnUALyxK1f9reWllbLX0BQd-cRUYJznTr_NL2lLudGtgdOQakN0iEykMilo1O8dkypz7llgvs9QSgk848IE2QK1BHTcKJEMe6VezSqo1_hoTPim45Vqv1PGG-4UuAHQzet5nYLWhW4AHkgC9eqMVxtT_KkMK-OqR6cPGwxXpwQT5YPBp0TokItJH3gH7zD_tULDSFG40YSSxA6-z7MAqcgb7fdQZC-N_CDWoBGnU7mDVmxS6GbyZw8E48iU0CM-3o9V5ctKvcA-a-QJRJv9s_Wu62C2Rkxm6aobn_HctIm0U-o-bAiH3OEbicpeCi8OZ6axQNR7I-cz1t51lWH6-3UFcebZpmUSG48XlYlimQQnPsV1JTLOlnsOsyIkGc9Dqcm0ouRujM1S27Ub44N1JrjMEwvEqDjr2a3vDDeXuNVaJi2c1Id-ly48jqGX7BR86VkgkIm9uuuzV3Rz9tl556PYvEf92AOZQsgPT9jyyLVTICoeV0VspjbDmu_ZzPV3NSmljwGRTYeg1MASMwg0GQ1Nnc83Ztw-OETGWrXj7UQwin7SsmiH24k5mGCRaZ4x6kGSw6D2gD0_wQqRXpNofK8ixP79su6kWEZvqJY_3JsdjZwVrA7iEg7jujpLEiBIhR4E6tYZNcsfuj-eYyvv3UsuyFOwO5dwcnD7ryOR_pMQXoS659Dr1L-Df5tkOMjFzNp53UG3FiCdzYQdUpsEhCVBhl-LV0zNw_dc8KhRQLW618pSU54aB4V1sJ7c-x86q-6m5rqt9M4HHM5-Hb8N8HKySdRAakbvB5aBVdYVpOiQn_d3E8-3U9E-rXiUkidZSH2fpaAqsUg6xlovauhgvprvyM2G8AUDJ_6FEsqUK-xL3O6eD-W3w45N30ImrCG1QM1iAhpNoXTXMjQADSJd5KlSIHPT0gRAfWfYEubGrhDYWe3lH0qcIKWhK24CEW28AoLyIVDpba01oN78-e2-2WtJqiFQzGm-UOM2SjKwzD4ljO6f_7wXTIMKnDhfVis1jmKlLTbWe4TvcRRuyQcgQwq29Mjx7FN0wdWrXoaWiDizAzC8a0_xShmv6njYglBBYg_mRAGReXJ8KvTLoQp04dpJP49lExR424Epwn0jl9Kn1uSlb8uEHhr0DVQSsds-S4ZiSYYNF8jXNYs0bd1-GO3ciaRR0j5BDY5Zl4ckgJJdm0PmyrqR_Z3_zf0dQtB9JPvESnHX6ARb28dRdtdEsi1cPfgHCRAlls1I1kbI7X16ZYF6AyRMKI7fxQF0GaxvDWyU-AyeturzGiQyTzjyavGmnFMKbETl9V7RK1SHd0putebGdkeu-OBNVPDlCzSe60RyyeAvAaEOHEyrtVb45CNSfrGb8RxwoMXLeq7Vn0PChwc_IFPAv0hbrwI6qGOm35aJR2E4yVH6Abexwt1-DQWJgGFcgvod-rgBaZBXp_mlhN9ak-8ZI3SsfOU8N-3OdmnA8AZxC3Jb5GB0yL_JeSOU-cPIhhJNV6OjxRjO5v_zIGK8gRM-jpPtUowP-mAuaeF_TB8ePYVUeKX-Ck871qnbSeMudunRG8t43Wmc_3YklnucsdjlGtpn9oyY7LqMLm9XmC0HYwHmJFcOlU_hTZZcHYg-8TmR4UuRWoYUa7MC79QhDBw7U4hsnLO0T7lwdkWKjK9ctnXYMnZSNQlG2bdUdkMGrmLYYmFnCUBJ0zeyEEL8aWmClVuhZZ8DU0Hoy6rjHsSxEVtE3bIiFBS6kFTymMXRUOMg0oOLnuCib1FmKTK1JNF3M-TJldvMusaeFZ0JnJVFu6vsDqx1oRze8-vJRl3TDO4JG0jCvgqbm1bDOS3fjvJkOl6NFugykG27hS_hjA_FzU5qsy_C9N0NBYkrF25y3MrDoGQ58nsVFDqPs97iOS_PGWs5QkVHDq6dm95JACg6PavJD43p56EK4w4wUZMfDhq2f9Nbm5xuf60e8AXUG8a97AAlIx9R5Hd2Qi86JTuOzsE83puUWCwtJ6S_W7BDfK5uQIfRY-xn0ZBez2u04fssZKdX20bjXTgB1w2pBBaKQV82epUtgGm99-7OZYo1foYeR5izk3RqWyydaoU--lE9TnxdjD7qWc9yX0Vm_XVSpgVzkXcmACsGlWvdWr3eOJncvq57basY-M4CAzALmQDXOy1iPba8rWEB09cDw5clQPXOcbNBic3IdM7KFTCAx_bxVUX0rjzTt0mzb02VfRNgCNfSZEsHII7IGuv5CYRKtpCNEoFHxNc1XY7eZRJlMTR8Zl2fw4124jX02IMSsaJq2MOzDnG27kbujF8IwkjDT1-fuf3Xu2zrkeS8eEfeBkcYsPuWu3m59uvfSuAwPZkCnMS8667oLTuJA5QdRr1qIkGbsQ8t45SMI9QLakYqUI_RFpn1OJokeIPea6Iwy-7upMB_ygD_WEbPaeU1gNCOu5uHM3EJMJkzhdDlRLibufWt9zFScCgwXYkiQ0xMUm-AdMaxfC-8bHTd34zfxqDmgdNm6vabBFPhmtXyoA97NvfYT3FuR84csGKuhMuzeMrwOyJVufIDInibL7MWv7_8jyVOZU-b2WHR03GAF2FKupBE34iCBulcNymSjK5qw7JDmQZfummMbAlTknpeqIs6Fc3NpVl9tLrb2yfnPjyawPvI8URFfwDou3KT-FrfmjGtwUL0S5kDhkdDEdZbaBP7guwl9jwxpthUvH_vNp4XzqkHKlAYhHScmlL7xcLbeBKcBUe7tCMrHdGYrfB32dVrZgyjjq49uMhY1XWuIW-KxV_bp62EV-KNQPgbkp1AURyIRHEX9Zoicyg5kVHVq23TEvAjRSM1KP6L0zpfWPLlzH7S2UGRfI4cMiqctgEeBiK6S8LhCpF24tyVaLE38_htl1N8loabi_MaT7SKxJQSxLNLSAiA9egqG4Mg-VX15vqEA1dLSV7mCbMAHM6Kky74GfxHBWuiOs7M9kOEKXsLQFMgkGbX_lwIiPhZ0rNJzCDGPrizcUs7Y-3FRy5UF4e48huCYB8c4jRWKDhFxikC6-tSBj93Ax-dJ1e_7SqdViU1Lw_i330pDhQowv1nIjvSazKA-Q5msN8qpVe46Il4aFR9KQS2aYzn93eXq8-m9HtvEpsHbGqocukkpGdF4-QmIdhv5doI2iCeElQ7-Z32rpE0a6qlWaxU1SAG-RonmSjmGrmzfHO2AJtzmQg9HaJuLGoaXMBezg5rrItkht4Htkp7IANhYwWpj0jUT439XdgjhL2QvUs-xlMBTVW_dsKJacmh8qQ8uuie8ZtH9ZcyvI&cid=CAASFeRo6S3l8rOBcMKTrzs9vdNF75UNYw&rfl=3%2Chttps%253A%252F%252Fytro.news%242%2Chttps%253A%252F%252Fytro.news%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df660fd3ad4168b7c32eadc3b588ee90334003a7ea1af3299536be4e6697fcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9375
x-xss-protection: 0
server: cafe
etag: 6887285106501176819
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 10:00:36 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 942C 41 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 14:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 28 Oct 2022 14:19:44 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame DB44
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEgFKbFWf5iQfQlFRKAVTks&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEgFKbFWf5iQfQlFRKAVTks&google_cver=1&__user_check__=1&sync_id=1993e630-3a32-11ec-b26c-194044dd0206

43 B
548 B

28ms
28ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEgFKbFWf5iQfQlFRKAVTks&google_cver=1&__user_check__=1&sync_id=1993e630-3a32-11ec-b26c-194044dd0206
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYsqK9lQEwAQ&v=APEucNWuh7JLNOtonHawDK69wyFi6k1S2GQvJ5qRjSw4oQE7Q8cTld4Wk7aRqnmLBI8JvjfER87wzGq14oBEW2Cgsphvn_9XbO3q0fXNFqW_PxHfYc-WWhOIbaHuHka5ZhNdaDMYX518XUGcxIy24Ptvacqi7Zh8IBCvCbBDqqov-WYAqO4nUaY
Protocol: HTTP/1.1
Server: 185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 35
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEEgFKbFWf5iQfQlFRKAVTks&google_cver=1&__user_check__=1&sync_id=1993e630-3a32-11ec-b26c-194044dd0206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 88
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DB44
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTk5M2U1ZGYtM2EzMi0xMWVjLWIyNmMtMTk0MDQ0ZGQwMjA2

170 B
188 B

17ms
17ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTk5M2U1ZGYtM2EzMi0xMWVjLWIyNmMtMTk0MDQ0ZGQwMjA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYsqK9lQEwAQ&v=APEucNWuh7JLNOtonHawDK69wyFi6k1S2GQvJ5qRjSw4oQE7Q8cTld4Wk7aRqnmLBI8JvjfER87wzGq14oBEW2Cgsphvn_9XbO3q0fXNFqW_PxHfYc-WWhOIbaHuHka5ZhNdaDMYX518XUGcxIy24Ptvacqi7Zh8IBCvCbBDqqov-WYAqO4nUaY

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTk5M2U1ZGYtM2EzMi0xMWVjLWIyNmMtMTk0MDQ0ZGQwMjA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 51
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame DB44 0
448 B 290ms
23ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:39 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 950F 0
0 60ms
60ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102701&jk=1534875313073681&rc=
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK hjtkt1t9m63l Show response
hal9000.redintelligence.net/zone/ Frame 21C4 11 KB
4 KB 36ms
13ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-G5wcmp-YaSRAc6RrASmxI3QDo_g-IZT9aiLpMoM8C4QASDUn7knYJXikIKgB8gBCakCLoL0L5Flsz6oAwGqBIoCT9B_F_L1n3i9trgNNeOpTX--7wyo4LbHH_hVtFMWPfyY1_ebTIyPCR_7EiHKYjLxJDhqnJjNZCHnUS3ZtvIIaYneY-dmThKFElD3p8du5jYagZ6TdPaL3CzKquyx93ZzM34EKf4rtfGAvAz-d3uDOQdaaRQDZBk9Kzz_EQf94gnTII9tjgwSpQ4ZjgDjG70vBEbqAQh_4BCKMcJoddBp4KYfw6GP125CoGGPQeWjMYTIINin1KIDC1YaIkXrucl8JMWTUAeegyOvB6lGnO3N_xC04eVCD8MXphTXj32vIeVHTkJdR9EDvJLCJh96Pu9QRVC-CN9g3ispk9hIj69IKH6bMWHVpp_-afTABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoWNsefSHZZe-u0BT9D0tgF9nkNQ%26sig%3DAOD64_3TGpn3OM04iGx6H_MEEpDP6IxWGw%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-BB8oY9Vii-haXePaAuoddvRtq_bULiRJiZMt15BSQe5LQpwfPUHMV7TupafPFS7x6FNdKpAMX3RO1xPoo-NOgRMGlNCq23-AvdjOiLXBr41wFogZxFU_qoiOCB7pbclImYay6s_ZjYrivvg1WlH83NNyWsnQ%26cry%3D1%26dbm_d%3DAKAmf-DCHbZd9jI457yP_ovnsCRc7P6McKNfNzECsTaqy5YKD0bf_yA9dbjrrgaPFwOXBbru31QS7QuSkpWWS2YsIi9MI6l5HLwlETsrHfCJIiB1bewg9B5TiqC1HX8EMgaZwabK0tqPlWjyj1ydBZ0WT8VvCy142GJOBIikUs71tawlNzwSFUtgYbc1Vg_yAQEAaqtZfCPQjeRAquiz1IcUQBfO71711GGOCxvBcsfEk0APz18zTiAQ2G5oVCED-wRSEPQ_vBpCayig8tmx_emTMvuQj2IiOG-9TKOhA2RvI5c_EFyPZMUsLUK3hieXRJxI_NWJy3S9auBEObtVavQpXU7-p_3P2RANTOR75FZ23-xKCpBwtL-68a8a_xsliZtzosPPKY7GG7uaMnRXgk0s35jny8zRL3mMqi-bAyEDUWyvju_0MugSzPxMW1Ie6r6zRfOABC4e%26adurl%3D
Requested by: Host: fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com
URL: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 68e8def4a8cd003c5da11a230e116720daf122f80f5fe39ca9560f1a29ff0d8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3939
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A69 17 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 31 Oct 2021 10:05:38 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4026 22 KB
8 KB 14ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 27 Oct 2021 14:26:02 GMT
expires: Thu, 27 Oct 2022 14:26:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 329976
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FAD7 22 KB
8 KB 14ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 27 Oct 2021 14:26:02 GMT
expires: Thu, 27 Oct 2022 14:26:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 329976
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

request.php Show response
hal900019.redintelligence.net/ Frame 5B4E
Redirect Chain

https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0491cdbed5&subid=&uid=cb26269985f4faeb&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0491cdbed5&subid=&uid=cb26269985f4faeb&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

104ms
81ms

Script
application/x-javascript

78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0491cdbed5&subid=&uid=cb26269985f4faeb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6e-acmp-YaHKD5OBjuwP9rSYwAKP4PiGU_Woi6TKDPAuEAEg1J-5J2CV4pCCoAfIAQmpAi6C9C-RZbM-qAMBqgSHAk_Q_sj46X928DPa1IxcWol930z1rebbJ5g_PwHiWuoMxUMT1pBoFxmwWheFcIaINVLkFssKXqPXc2bEvZv6O9cRyEGxZQ0vHnIsKzDTcD-vsf4niZShOTZ8jsoVNcOvspt-we7dreeVD9ZNuU6utLimchSyt2J60CEKjTzac1rDV6xHw4cLxKlTNRlv6bgxNdIkOjWHQ59dyKvpDDHS1jMbUIuAQDYHoo4aJfVy-U3aUqjnL12-fLJ1ZM52Lluabv2Ptodm02Mjq8OzP69W5g3mAKEItZ7Gl_AOmDs5EnMPcP2qDuiXfZ8A3Lxvp3FJXf-xSglte7Dbfr_GVJSbt7cTxBMhPGcywAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo1AYB68kc9wK5nOJBbODohg%26sig%3DAOD64_0_qd1psJx87DtNcN9184P0EToYUg%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-CRswRuOfR5Mo_KsTMOVLNq3FnE1-GoD0rZWf4u0hCH_RO6afpG4m9ZpjRD6M5rHI_BAOqmhmbQSPpDqgHqcGqmsccaib319mxIP42rllrRQBmBW1ZZUf_LQYBFb4172Qm8-SCVmbhVcpLnaL2bPLKTzcjaqg%26cry%3D1%26dbm_d%3DAKAmf-ADYxG-q6ZcTtPADTs-P0PIO6y7PAn12UXHrXhnHNRPcybllZyuBHUyBg3NqVDxbAlifGKJnBkqCFScNtlxnZxIBuAN0EQY5ylcTqQ7GNPz2nUAv69q0yT95khsG5kaFSwjOQaxkqBUsE_0uqP8ztGLzrOCk26oZ_Sh-T2iXzM3k6s1xrafCGX98eDFpO9aUzGkFjacC22C2qS1k7DFG2W7IYnFQ-1F8zbYXPpXasjH6MVGyfGR8ejPSstasMPY2tIg295rY9rYrO-qhkjV5Ja4Yqcj_n36aVoD6HMfGnPmpUAvffZ38_zsED37mlDVjQqXP5WcOylM7bc13q6Wsnd8XCdHe8Q11vQxmFU0RP__JSQPIxMrhr5H2QSrUXDW-Ck8zPHRq6xn5M-qLBFGqlLeWWFHbbv-cAh_RrUgoRKZmvkjCnvJ-1H-U0pb1PD8T5pcTrTz%26adurl%3D&documentReferer=https%3A%2F%2Fe1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=https%3A%2F%2Fe1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fytro.news%2Chttps%3A%2F%2Fytro.news&random=5557385533758&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com
URL: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 829645bc710de99880be82cc25ddeba44e99192430c9edd0333bba19d97dd0d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:39 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 76377400049952300710584011764019
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 893
Expires: Sun, 31 Oct 2021 10:05:39 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0491cdbed5&subid=&uid=cb26269985f4faeb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6e-acmp-YaHKD5OBjuwP9rSYwAKP4PiGU_Woi6TKDPAuEAEg1J-5J2CV4pCCoAfIAQmpAi6C9C-RZbM-qAMBqgSHAk_Q_sj46X928DPa1IxcWol930z1rebbJ5g_PwHiWuoMxUMT1pBoFxmwWheFcIaINVLkFssKXqPXc2bEvZv6O9cRyEGxZQ0vHnIsKzDTcD-vsf4niZShOTZ8jsoVNcOvspt-we7dreeVD9ZNuU6utLimchSyt2J60CEKjTzac1rDV6xHw4cLxKlTNRlv6bgxNdIkOjWHQ59dyKvpDDHS1jMbUIuAQDYHoo4aJfVy-U3aUqjnL12-fLJ1ZM52Lluabv2Ptodm02Mjq8OzP69W5g3mAKEItZ7Gl_AOmDs5EnMPcP2qDuiXfZ8A3Lxvp3FJXf-xSglte7Dbfr_GVJSbt7cTxBMhPGcywAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo1AYB68kc9wK5nOJBbODohg%26sig%3DAOD64_0_qd1psJx87DtNcN9184P0EToYUg%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-CRswRuOfR5Mo_KsTMOVLNq3FnE1-GoD0rZWf4u0hCH_RO6afpG4m9ZpjRD6M5rHI_BAOqmhmbQSPpDqgHqcGqmsccaib319mxIP42rllrRQBmBW1ZZUf_LQYBFb4172Qm8-SCVmbhVcpLnaL2bPLKTzcjaqg%26cry%3D1%26dbm_d%3DAKAmf-ADYxG-q6ZcTtPADTs-P0PIO6y7PAn12UXHrXhnHNRPcybllZyuBHUyBg3NqVDxbAlifGKJnBkqCFScNtlxnZxIBuAN0EQY5ylcTqQ7GNPz2nUAv69q0yT95khsG5kaFSwjOQaxkqBUsE_0uqP8ztGLzrOCk26oZ_Sh-T2iXzM3k6s1xrafCGX98eDFpO9aUzGkFjacC22C2qS1k7DFG2W7IYnFQ-1F8zbYXPpXasjH6MVGyfGR8ejPSstasMPY2tIg295rY9rYrO-qhkjV5Ja4Yqcj_n36aVoD6HMfGnPmpUAvffZ38_zsED37mlDVjQqXP5WcOylM7bc13q6Wsnd8XCdHe8Q11vQxmFU0RP__JSQPIxMrhr5H2QSrUXDW-Ck8zPHRq6xn5M-qLBFGqlLeWWFHbbv-cAh_RrUgoRKZmvkjCnvJ-1H-U0pb1PD8T5pcTrTz%26adurl%3D&documentReferer=https%3A%2F%2Fe1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=https%3A%2F%2Fe1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fytro.news%2Chttps%3A%2F%2Fytro.news&random=5557385533758&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 31 Oct 2021 10:05:39 +0100

GET
H/1.1 200
OK mz3e4ljusno6 Show response
hal9000.redintelligence.net/zone/ Frame 942C 11 KB
4 KB 36ms
13ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/mz3e4ljusno6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAU_lcmp-Yf7FCvKGjuwPnq6E4AGP4PiGU921i6TKDPAuEAEg1J-5J2CV4pCCoAfIAQmpAi6C9C-RZbM-qAMBqgSBAk_Ql-XUk3DSRuAy1684M--ATuXbY5B103yfE9pgy7R-3pZEgpg37UukXlImWRZTd1f0Yk_3XdN0i3lB6NJTHNNyUfR_fUxONWl9RQoj-Ahrwvvsd_E8U_AJZd8jG50uYXZcyM8f8eCBLOoYu4WOxUY1dTY3jMYrN0I2HnNCEZIx7Kg9j3z1aLB17aWzZ6az0cmt1QNzA6y4cx0wY1eFkLaKmyYXdV9Bw-VbbUj9Mej7LZKhilGB8EQAXorDNXHMx-sbD7m-B6UZfUujiXJM-8qoGZoa6LnxpuVhXufl5-kEiVZ3V6HMNC6z44VfVQ-2Fhml7FrzPPS0EStgwvMf9ZoawAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6S3l8rOBcMKTrzs9vdNF75UNYw%26sig%3DAOD64_3fRQgOB6h_sRXtxeqvInc1ZzKQIA%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-AoRb_MvNq-c0Vud6fM-Y4K7ZC9kKiYQTVmJfkdcvurGQYElWVOui2tf0TPgI4UA7g31gOTAo2x9HwyFfbH9zF_AUPP8t4UgQRSkvNNfaDY4rlYGhbfBmRmvnIBn09rA0Jj1MMIvrLErafLJaLOiKKjDNOFdQ%26cry%3D1%26dbm_d%3DAKAmf-AvEsfTtiDsboYwFm5ghYq7bjJCR8PXPMTv3GkS40oWPotd1ctxrwZ-0qmtVmWOQv8EMUnXN1RsSEqYGck23GD0CxKYAjZOQ4NeKwRcICxmwUSp8AMmmCQUPjUts1ICY4MmJ_vn71bqJCQWJ1sB8KXMQv827Vj_B9CHHqgNX1zlnrG-ohwScU4IfFTAqQYpqDdEnG-YOf_vgPJR9OUWPROiEVzOIRmLlcNFhJhpTdnra85Rrp8WiEND9RkLGqy5y_g-kxiUQ_7tsUKtUyVzy9FTDVFXSRRfo9r7E4ERa1RrW9MBmto6DetiZq9aAGABmYb-gtrsQyCBUhb1YjWwIps5nAlHKA3QY2FVzeyGoPdeDcYRr_ewbgvnmkZBsn0yxd-9cvHAQYlvovqCZ8IRDTkvAGbq9Kvv_h9pOzUg4_zTQtwEk7RHAvkla4VpCub8NqgzPKbW%26adurl%3D
Requested by: Host: c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com
URL: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 199d1cd45e3f410c29743c1f4a0f57708ac7b8d8c173b7e4ce239979cf6d0de9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3929
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 container.html Show response
d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 14D5 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 31 Oct 2021 10:05:38 GMT
expires: Mon, 31 Oct 2022 10:05:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 event
ads.adfox.ru/275069/ 0
66 B 68ms
68ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=145f3b2593f2ab42&pm=bmu&pxo=Pjy6faHofA85Qk7C7-HeQdC6UqXGu9EMCj3C6WMtugROYA2dufAJMieEfocbtjD_KMxPvMYjNYKFUo2F6sISujZf-HG1_7WtO4rsqQwsI_hfdaBTtEznjQ58hRjym_OwG-L9oCAmBAVchbHIsmPrvRfsr7jurmBDx6UMJmNkoUwyBDnp&p5=gfgmc&rand=dmrxnbc&sj=ToDTi9LIoBAQwxO53lGOf2BMv442QUX71ZO3sKBHGelURRzeDEG5ybhtG52x&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjic&rqs=cdpb7u22bQRxan5hlMp7RLgwq8qI4TrR&rtb-si=b&p2=gatm&resp-time=1223

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:39 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4984 11 KB
8 KB 27ms
27ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7d83a3d5041570e288aa8bca331f59ca74ea91b4f84fe684c06c1795c62b088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8588
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FDD9 363 B
378 B 19ms
19ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkq_ClQEwAQ&v=APEucNXuqWDFLCM4n_dquwVvzrTLjU2jUxGvGhVVRgueR5AzrHOOSRVTZSeOoFmm80w6g8MckCWBcqibMYWS_-SAuRUAGwZ0dNt4HcsFO2m7RAWvfhkGawl9eXIIgsy72f-Z-x_0K7C2e5AOWhiM4vbXwRHt0zru7Hvq5PtsJ_6j5PX4s3CHhd0

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 31 Oct 2021 10:05:39 GMT
server: cafe
cache-control: private
content-length: 206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 31 Oct 2021 10:05:39 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BF90 26 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClLH6kq57Lp6t77RgR1EP4St2JMhsyrll_5p8apy4HOh9rvcOBT3N3oG-N5zUFnmbDhfEOfkiufYFbdGsAo1Rvkb84QIBdmVc8UZxJeM-BIwnzW9P4DzPAXXfTBMFZu9Taf8BpO1NgX3NX8-c5txPpw0w_RA&cry=1&dbm_d=AKAmf-BQPlTPIdMU-ZSEiN-Tpehb2IBDi5zgfjPlE9W7NWO1xVO2mDYq5adOIrW54dp2b3tQ1IRKYklvd5_I1pXKVaa3yJcx62WoGfLbv8hh0gtGf3xGAPym51vFafh_zsFFPQRGw636gmud8tl_qIJR5aQ7rLGhSgv0RJsIlna0u-J5d7jbfoXyUOLLUn_KRX1_t3Wsqh_9cNwZCZ3ZPJEYDCazENbj1EX4b53zO5GEpzZfi2_1HDA_3J5t0sHxHJrt9dsgzIek8sgDXGapY4J58RqPHE4LFKUDN8YUC7dI4CT6MwEgjeWVIEVrtknC3NQyzfjXAGiR8kUsGpJVGUwtwPQ8qkgUOQdeSiQZvwZd95Z62b457WaY0QmaSE4H3DJ9pFA6rthxoOf8QOXz-ESHL7VdjaPiLQJEeC-0-n3ix2CewMOKz-Qdb3-pn1eKgcw9dqQJ4tQkWR0GVuBKsp6jwj0Qu-KLovow3GPUom_qKRwx23yDnKafM1pSKFiEm6CUxzjTAeDea2RmvbiGM-VQhnsalNI_HH85q3Ddjh-LYebsU7m1yuoCmu-Q9RpuozdT3zhLKZevJgmg1wOci6VVmNXCOUkHVL4UcuckVSzl_GHfKyCs8BYacNnVZ_Tkz04M11_Z7naUYYwkyMPrhS_r1pYss5b0-16S0rEbZocK_YGnqr6MAzdRsZ5al8F8RNOJ1dcEvWMmrO6UX3qtlqUf5SNGTpa_x5_pT52I7LiJynZ_eLXe02u2VCx7HsjJ09-_vbSTeDvTbFbSYhrip9gAWxG5XzwSoPEDTli3osMDnvLxarVEXUpocV__1f5wClEPHnru2zha_woB5f8VgJcunDaciofwx0gCFVfQjyByYskqupoPPWqwL_eVeAP8uVpU55viGdvwVF-EvjlkuQo60Q6aYtP6rB0HFvT_AgyFPSsh0tMrlcjgGC2WPS97XwDoDiIicS9_hXfl1CGUkE-KLtFA0Oa0CfvWA--0n8DwpIKWnfsOEKCsZKU_YQeIt-RlFLJAr098DjaQ15DkVE5B311c-ZcSYu_fx18hbuAQHf1jzBcSmRL9CofYqi_25P2z-hhytT3pQvAs8x72E0IKBOmv0Yq1v8rIfi3DreQ0vLNuwv_ZyGOLQWTrwD8PcbFuR0tQXUsBJL2Jnd7rtgXOWKcfnDfh1CiF1VxIMDyDlQsc_J2zRNOZwJPIENXncjUhFOeIQlLA7ijfFAUsXquk5425Lm-a2RsN3J7PhcwVttxP5RcIyWyqXQ2_4BTB2DiFJ-zwiNr-9R5DVRPV4BafG3e81b5rz7OwJVerbekY3WVHQ7VsJ4Q5lqy8gikeps0e0vrlZ9Ec1CZ_jv54QXAPpf2SmJQwexHr8q6wM7WvSkRB_k9bhA3F3cMVGnBLEMzgzNaitmiMu4MCJkQm3HrP4aHdigDZtTBhi4wCnFZyssuTays6ZAR-m8q8PdL-4aGXqA2BYGHvqhBzRzlSRzMIL_cujRUHG1aa1XLS5AkzgxL-Z7Dbzk4aGTLS4jeTvFSGXs4By2txy2bSJErAFq1JaVYZ2-1GKj_Mmn6AxY_Y6HnEfI8sUofAUJJUaH5DNHsP6IN8MIroEIYRbWMXyQcRpKIjIJtK9O1Ti9S3S-DG1LBGLYx10jT6_GAs3TeLmMcfxM7W8GUSK2heZTTOuEU5rwhuaop_qVSITz4Lfi9LAvpkj9zUZXvlYlR-cCU_Mm7TBPxheHB7frg0hhq_1RtSGxheC6sw9o6v8v_Jr8066bWis4QaE1UDHh2ySDQwPczJUcMcIXK1yxVV3SanfsT-QRIofDkLMR5oc0NRbyoCb7cMf4kUb7bIUqWoidxm54eZkS-3IE6E4VQo576hrHQeGwXjFfXeXpM4761ybI6PtBJIkvPCX_zCev2HZ8n2lQsrr8AWYiGjCgywhsotoTqFJ8NByWYc0G67PsmrQ78VyWTXR30IYSVHZlOVVe1Fn7mM4g4T-k4yzhfycZ_QFSS-wuW5V8UeQrkdM8Z5mOnmISy2ZxA1NOEwY61UgvfwE87W01pUpnaeMt754H2CvEsIu8KDXm_XbHgE7SGud2HTPy4wf1_0Sk_k6Br3MTWBGRo8AUkWjIPkkSeCAuzrwOLhXaxVCDJqykfhTCczO4XQz966AZX1PwqpKR6ovlspHPCF276neZ7ht8kjk3X1PQa6bfseS1W4ye8xb8t7megKl2ZR6vYSmzYVByeP_CQTFFCcR5MhNerPWnXnT7KgBngWcAIcabhpLg5vDBYQncNnOz3oCGba7jkYfHzVICdJp6ycCMMrB8sObF1gRZrNOG2LXdnDrukL8p9zwLs4gjG0SWNylL9XvacrbcLfT8clCK7Evwjcn0kTM5fWSuktSTylJj51A7O0Lzb0oEhHSYegcRDaLFlTLgK0FRcbSIMQFkD7ZCIv3Zhxg31EMym6_GvLY_y8GdQXnklLfvsyGY-SLKjw2-PFDKk3FFq7sV76KjUOqnpUlqJ1uVRUUcikuPXPvPWH-FGQy-ZCcvw5KU-bdY2hcRpwVxVF-C-BjUVPfQ2wNE_X7YUOXrBu9oy5muSTFsWI2nGGSDC9e04WLBQcoRrfX3geaXTZgd93_nrbJkQTTdiS2MKdNF9T8XF7xsIwLobMoUjzbtXae47MW6Vl7RRCVWgzF5W5oe8J0XheZ95b-PzQSFPcRzcXVyQ8uE131rk5sHlJI0kZSxt7WIp6To3LMykZz4XJz4AW4mM0ASgFzyuH7dNP2TcousyFCMY8CvMoE4NFc9kFFQhQJwUciWJMac5TdWRuVe-q9pQBLYas9UPy57FzZNZveD4VYkLO09XSXgv5FBVs15Eu8nFAUF1XzoNyURXARxtqYup9s0KhM3QX_aDcaOu5UouPVsZv-nblMZCRYuPFcDYf8JRhWfLHjfpcAnj2xW6JnaKoBFzNMH407ohSPaVQs-wx86q52e3leJ5PjRZM4AscJmPgI6WRdzKl_dKPaserBnB-78BNFY48Bi3tTZ_H5EMhJzVHgPTv1Oh_uHz59sfvyaL0XN1TUbw5tgEZYWR-yGNY84pKcYs241-SskLXpfFFaOM-VXHxDqfUCB_hpqzugk-fjIirdqIQnjqWM_Y1zU63KpRTcCKZmnGX7KtqJDqsbdnVxISz9KXmVe4VpaYB1ptbxPYeqsmS1xJvRpjYvyo4otClzjI-2QEpkD8s25u-PPUSkdl0mnxyixBCDjF2ftY4mFMheqKbZi6LEYaspgoVmhaPNAsylA1Oo0A4CaSdUbUzsljug_WbxtdGkAimm1BqdSev_wuCvFgn4OE5rWOfwti-TYG_V6RGaRGEgn3bZzCJi72yyRqhX64qkNJ2jlhY5awDU4e1NBEIJLx4S2ZWnVWMQ_xAQgpLnK1qRgVH27MA0vd-0NE3rdHSiOJQQmn9VSXYCO-azIM&cid=CAASFeRoA9_WC5zA9LHXLOCdx8DnNtu5yQ&rfl=3%2Chttps%253A%252F%252Fytro.news%242%2Chttps%253A%252F%252Fytro.news%252F%240

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9f5988daec1aaf536db334bc7aaa873f0e73b134176f69021f435934a6a46da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13832
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame BF90 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 09:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 09:58:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF90 120 KB
37 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Oct 2021 10:05:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame BF90 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 10:03:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BF90 0
0 22ms
21ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIimUQcY1GGSCnrYRhkQZvRemC6ePElGtB7v2LxBdbrSo3SCv26J1zCHUVSRcsYb00Hd4kKUbAdvYe3m-iFziyQXNsFg
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF90 42 B
107 B 40ms
40ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CZIkGQEYrMJvxUpALIHyOZZre9v7mRY9EtPxv3L4U7mNrUsq4y5YPebGrxV4MQOyuJr5hhNRZnvVv7Umq3ZgyfAyFl0ZioJHwBY4yo4924GlTGnUw

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js Show response
pagead2.googlesyndication.com/bg/ Frame 4CE2 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 17:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13263
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 30 Oct 2022 17:00:27 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FF9F 0
0 61ms
60ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102701&jk=2697723148494942&rc=
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK request.php Show response
hal90004.redintelligence.net/ Frame 21C4 2 KB
1 KB 102ms
69ms Script
application/x-javascript 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=b440350d6f&subid=&uid=c0d1b2e7f60c5b31&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-G5wcmp-YaSRAc6RrASmxI3QDo_g-IZT9aiLpMoM8C4QASDUn7knYJXikIKgB8gBCakCLoL0L5Flsz6oAwGqBIoCT9B_F_L1n3i9trgNNeOpTX--7wyo4LbHH_hVtFMWPfyY1_ebTIyPCR_7EiHKYjLxJDhqnJjNZCHnUS3ZtvIIaYneY-dmThKFElD3p8du5jYagZ6TdPaL3CzKquyx93ZzM34EKf4rtfGAvAz-d3uDOQdaaRQDZBk9Kzz_EQf94gnTII9tjgwSpQ4ZjgDjG70vBEbqAQh_4BCKMcJoddBp4KYfw6GP125CoGGPQeWjMYTIINin1KIDC1YaIkXrucl8JMWTUAeegyOvB6lGnO3N_xC04eVCD8MXphTXj32vIeVHTkJdR9EDvJLCJh96Pu9QRVC-CN9g3ispk9hIj69IKH6bMWHVpp_-afTABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoWNsefSHZZe-u0BT9D0tgF9nkNQ%26sig%3DAOD64_3TGpn3OM04iGx6H_MEEpDP6IxWGw%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-BB8oY9Vii-haXePaAuoddvRtq_bULiRJiZMt15BSQe5LQpwfPUHMV7TupafPFS7x6FNdKpAMX3RO1xPoo-NOgRMGlNCq23-AvdjOiLXBr41wFogZxFU_qoiOCB7pbclImYay6s_ZjYrivvg1WlH83NNyWsnQ%26cry%3D1%26dbm_d%3DAKAmf-DCHbZd9jI457yP_ovnsCRc7P6McKNfNzECsTaqy5YKD0bf_yA9dbjrrgaPFwOXBbru31QS7QuSkpWWS2YsIi9MI6l5HLwlETsrHfCJIiB1bewg9B5TiqC1HX8EMgaZwabK0tqPlWjyj1ydBZ0WT8VvCy142GJOBIikUs71tawlNzwSFUtgYbc1Vg_yAQEAaqtZfCPQjeRAquiz1IcUQBfO71711GGOCxvBcsfEk0APz18zTiAQ2G5oVCED-wRSEPQ_vBpCayig8tmx_emTMvuQj2IiOG-9TKOhA2RvI5c_EFyPZMUsLUK3hieXRJxI_NWJy3S9auBEObtVavQpXU7-p_3P2RANTOR75FZ23-xKCpBwtL-68a8a_xsliZtzosPPKY7GG7uaMnRXgk0s35jny8zRL3mMqi-bAyEDUWyvju_0MugSzPxMW1Ie6r6zRfOABC4e%26adurl%3D&documentReferer=https%3A%2F%2Fytro.news%2F&ancestorOrigins=https%3A%2F%2Fytro.news%2Chttps%3A%2F%2Fytro.news&random=8216601609617&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-G5wcmp-YaSRAc6RrASmxI3QDo_g-IZT9aiLpMoM8C4QASDUn7knYJXikIKgB8gBCakCLoL0L5Flsz6oAwGqBIoCT9B_F_L1n3i9trgNNeOpTX--7wyo4LbHH_hVtFMWPfyY1_ebTIyPCR_7EiHKYjLxJDhqnJjNZCHnUS3ZtvIIaYneY-dmThKFElD3p8du5jYagZ6TdPaL3CzKquyx93ZzM34EKf4rtfGAvAz-d3uDOQdaaRQDZBk9Kzz_EQf94gnTII9tjgwSpQ4ZjgDjG70vBEbqAQh_4BCKMcJoddBp4KYfw6GP125CoGGPQeWjMYTIINin1KIDC1YaIkXrucl8JMWTUAeegyOvB6lGnO3N_xC04eVCD8MXphTXj32vIeVHTkJdR9EDvJLCJh96Pu9QRVC-CN9g3ispk9hIj69IKH6bMWHVpp_-afTABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoWNsefSHZZe-u0BT9D0tgF9nkNQ%26sig%3DAOD64_3TGpn3OM04iGx6H_MEEpDP6IxWGw%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-BB8oY9Vii-haXePaAuoddvRtq_bULiRJiZMt15BSQe5LQpwfPUHMV7TupafPFS7x6FNdKpAMX3RO1xPoo-NOgRMGlNCq23-AvdjOiLXBr41wFogZxFU_qoiOCB7pbclImYay6s_ZjYrivvg1WlH83NNyWsnQ%26cry%3D1%26dbm_d%3DAKAmf-DCHbZd9jI457yP_ovnsCRc7P6McKNfNzECsTaqy5YKD0bf_yA9dbjrrgaPFwOXBbru31QS7QuSkpWWS2YsIi9MI6l5HLwlETsrHfCJIiB1bewg9B5TiqC1HX8EMgaZwabK0tqPlWjyj1ydBZ0WT8VvCy142GJOBIikUs71tawlNzwSFUtgYbc1Vg_yAQEAaqtZfCPQjeRAquiz1IcUQBfO71711GGOCxvBcsfEk0APz18zTiAQ2G5oVCED-wRSEPQ_vBpCayig8tmx_emTMvuQj2IiOG-9TKOhA2RvI5c_EFyPZMUsLUK3hieXRJxI_NWJy3S9auBEObtVavQpXU7-p_3P2RANTOR75FZ23-xKCpBwtL-68a8a_xsliZtzosPPKY7GG7uaMnRXgk0s35jny8zRL3mMqi-bAyEDUWyvju_0MugSzPxMW1Ie6r6zRfOABC4e%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 74fbaf35be39c1522c3c2a5823ed507358f1d2ae40bda797f660ca478506c22a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:39 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 87700600058650100710584011764004
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 891
Expires: Sun, 31 Oct 2021 10:05:39 +0100

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4984 17 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 31 Oct 2021 10:05:39 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 77EF 22 KB
8 KB 14ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 27 Oct 2021 14:26:02 GMT
expires: Thu, 27 Oct 2022 14:26:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 329977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request.php Show response
hal900027.redintelligence.net/ Frame 942C 2 KB
1 KB 108ms
76ms Script
application/x-javascript 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request.php?zone=mz3e4ljusno6&nw=20&renderingType=javascript&namespace=22e14b1660&subid=&uid=4fd9dc4be9f4a96b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAU_lcmp-Yf7FCvKGjuwPnq6E4AGP4PiGU921i6TKDPAuEAEg1J-5J2CV4pCCoAfIAQmpAi6C9C-RZbM-qAMBqgSBAk_Ql-XUk3DSRuAy1684M--ATuXbY5B103yfE9pgy7R-3pZEgpg37UukXlImWRZTd1f0Yk_3XdN0i3lB6NJTHNNyUfR_fUxONWl9RQoj-Ahrwvvsd_E8U_AJZd8jG50uYXZcyM8f8eCBLOoYu4WOxUY1dTY3jMYrN0I2HnNCEZIx7Kg9j3z1aLB17aWzZ6az0cmt1QNzA6y4cx0wY1eFkLaKmyYXdV9Bw-VbbUj9Mej7LZKhilGB8EQAXorDNXHMx-sbD7m-B6UZfUujiXJM-8qoGZoa6LnxpuVhXufl5-kEiVZ3V6HMNC6z44VfVQ-2Fhml7FrzPPS0EStgwvMf9ZoawAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6S3l8rOBcMKTrzs9vdNF75UNYw%26sig%3DAOD64_3fRQgOB6h_sRXtxeqvInc1ZzKQIA%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-AoRb_MvNq-c0Vud6fM-Y4K7ZC9kKiYQTVmJfkdcvurGQYElWVOui2tf0TPgI4UA7g31gOTAo2x9HwyFfbH9zF_AUPP8t4UgQRSkvNNfaDY4rlYGhbfBmRmvnIBn09rA0Jj1MMIvrLErafLJaLOiKKjDNOFdQ%26cry%3D1%26dbm_d%3DAKAmf-AvEsfTtiDsboYwFm5ghYq7bjJCR8PXPMTv3GkS40oWPotd1ctxrwZ-0qmtVmWOQv8EMUnXN1RsSEqYGck23GD0CxKYAjZOQ4NeKwRcICxmwUSp8AMmmCQUPjUts1ICY4MmJ_vn71bqJCQWJ1sB8KXMQv827Vj_B9CHHqgNX1zlnrG-ohwScU4IfFTAqQYpqDdEnG-YOf_vgPJR9OUWPROiEVzOIRmLlcNFhJhpTdnra85Rrp8WiEND9RkLGqy5y_g-kxiUQ_7tsUKtUyVzy9FTDVFXSRRfo9r7E4ERa1RrW9MBmto6DetiZq9aAGABmYb-gtrsQyCBUhb1YjWwIps5nAlHKA3QY2FVzeyGoPdeDcYRr_ewbgvnmkZBsn0yxd-9cvHAQYlvovqCZ8IRDTkvAGbq9Kvv_h9pOzUg4_zTQtwEk7RHAvkla4VpCub8NqgzPKbW%26adurl%3D&documentReferer=https%3A%2F%2Fc0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=https%3A%2F%2Fc0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fytro.news%2Chttps%3A%2F%2Fytro.news&random=9912687736375&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/mz3e4ljusno6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAU_lcmp-Yf7FCvKGjuwPnq6E4AGP4PiGU921i6TKDPAuEAEg1J-5J2CV4pCCoAfIAQmpAi6C9C-RZbM-qAMBqgSBAk_Ql-XUk3DSRuAy1684M--ATuXbY5B103yfE9pgy7R-3pZEgpg37UukXlImWRZTd1f0Yk_3XdN0i3lB6NJTHNNyUfR_fUxONWl9RQoj-Ahrwvvsd_E8U_AJZd8jG50uYXZcyM8f8eCBLOoYu4WOxUY1dTY3jMYrN0I2HnNCEZIx7Kg9j3z1aLB17aWzZ6az0cmt1QNzA6y4cx0wY1eFkLaKmyYXdV9Bw-VbbUj9Mej7LZKhilGB8EQAXorDNXHMx-sbD7m-B6UZfUujiXJM-8qoGZoa6LnxpuVhXufl5-kEiVZ3V6HMNC6z44VfVQ-2Fhml7FrzPPS0EStgwvMf9ZoawAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6S3l8rOBcMKTrzs9vdNF75UNYw%26sig%3DAOD64_3fRQgOB6h_sRXtxeqvInc1ZzKQIA%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-AoRb_MvNq-c0Vud6fM-Y4K7ZC9kKiYQTVmJfkdcvurGQYElWVOui2tf0TPgI4UA7g31gOTAo2x9HwyFfbH9zF_AUPP8t4UgQRSkvNNfaDY4rlYGhbfBmRmvnIBn09rA0Jj1MMIvrLErafLJaLOiKKjDNOFdQ%26cry%3D1%26dbm_d%3DAKAmf-AvEsfTtiDsboYwFm5ghYq7bjJCR8PXPMTv3GkS40oWPotd1ctxrwZ-0qmtVmWOQv8EMUnXN1RsSEqYGck23GD0CxKYAjZOQ4NeKwRcICxmwUSp8AMmmCQUPjUts1ICY4MmJ_vn71bqJCQWJ1sB8KXMQv827Vj_B9CHHqgNX1zlnrG-ohwScU4IfFTAqQYpqDdEnG-YOf_vgPJR9OUWPROiEVzOIRmLlcNFhJhpTdnra85Rrp8WiEND9RkLGqy5y_g-kxiUQ_7tsUKtUyVzy9FTDVFXSRRfo9r7E4ERa1RrW9MBmto6DetiZq9aAGABmYb-gtrsQyCBUhb1YjWwIps5nAlHKA3QY2FVzeyGoPdeDcYRr_ewbgvnmkZBsn0yxd-9cvHAQYlvovqCZ8IRDTkvAGbq9Kvv_h9pOzUg4_zTQtwEk7RHAvkla4VpCub8NqgzPKbW%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 9af3cb5a27b400a4d95abc3ec9a1c4b2c659f04c44fc1eb5087976043a666ef9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:39 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 80669300059114201084668011764027
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 892
Expires: Sun, 31 Oct 2021 10:05:39 +0100

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8965 12 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 30 Oct 2021 15:45:52 GMT
expires: Sun, 30 Oct 2022 15:45:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 65987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B5C2 783 B
761 B 25ms
25ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

53df99c33bb35855bc6ba4ed840eceb563c9101a314ad672ab3dfb4782e68598

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rFcKLlOm+8kgxGnJqeTWTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 31 Oct 2021 10:05:39 GMT
date: Sun, 31 Oct 2021 10:05:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-rFcKLlOm+8kgxGnJqeTWTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame BF90 24 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClLH6kq57Lp6t77RgR1EP4St2JMhsyrll_5p8apy4HOh9rvcOBT3N3oG-N5zUFnmbDhfEOfkiufYFbdGsAo1Rvkb84QIBdmVc8UZxJeM-BIwnzW9P4DzPAXXfTBMFZu9Taf8BpO1NgX3NX8-c5txPpw0w_RA&cry=1&dbm_d=AKAmf-BQPlTPIdMU-ZSEiN-Tpehb2IBDi5zgfjPlE9W7NWO1xVO2mDYq5adOIrW54dp2b3tQ1IRKYklvd5_I1pXKVaa3yJcx62WoGfLbv8hh0gtGf3xGAPym51vFafh_zsFFPQRGw636gmud8tl_qIJR5aQ7rLGhSgv0RJsIlna0u-J5d7jbfoXyUOLLUn_KRX1_t3Wsqh_9cNwZCZ3ZPJEYDCazENbj1EX4b53zO5GEpzZfi2_1HDA_3J5t0sHxHJrt9dsgzIek8sgDXGapY4J58RqPHE4LFKUDN8YUC7dI4CT6MwEgjeWVIEVrtknC3NQyzfjXAGiR8kUsGpJVGUwtwPQ8qkgUOQdeSiQZvwZd95Z62b457WaY0QmaSE4H3DJ9pFA6rthxoOf8QOXz-ESHL7VdjaPiLQJEeC-0-n3ix2CewMOKz-Qdb3-pn1eKgcw9dqQJ4tQkWR0GVuBKsp6jwj0Qu-KLovow3GPUom_qKRwx23yDnKafM1pSKFiEm6CUxzjTAeDea2RmvbiGM-VQhnsalNI_HH85q3Ddjh-LYebsU7m1yuoCmu-Q9RpuozdT3zhLKZevJgmg1wOci6VVmNXCOUkHVL4UcuckVSzl_GHfKyCs8BYacNnVZ_Tkz04M11_Z7naUYYwkyMPrhS_r1pYss5b0-16S0rEbZocK_YGnqr6MAzdRsZ5al8F8RNOJ1dcEvWMmrO6UX3qtlqUf5SNGTpa_x5_pT52I7LiJynZ_eLXe02u2VCx7HsjJ09-_vbSTeDvTbFbSYhrip9gAWxG5XzwSoPEDTli3osMDnvLxarVEXUpocV__1f5wClEPHnru2zha_woB5f8VgJcunDaciofwx0gCFVfQjyByYskqupoPPWqwL_eVeAP8uVpU55viGdvwVF-EvjlkuQo60Q6aYtP6rB0HFvT_AgyFPSsh0tMrlcjgGC2WPS97XwDoDiIicS9_hXfl1CGUkE-KLtFA0Oa0CfvWA--0n8DwpIKWnfsOEKCsZKU_YQeIt-RlFLJAr098DjaQ15DkVE5B311c-ZcSYu_fx18hbuAQHf1jzBcSmRL9CofYqi_25P2z-hhytT3pQvAs8x72E0IKBOmv0Yq1v8rIfi3DreQ0vLNuwv_ZyGOLQWTrwD8PcbFuR0tQXUsBJL2Jnd7rtgXOWKcfnDfh1CiF1VxIMDyDlQsc_J2zRNOZwJPIENXncjUhFOeIQlLA7ijfFAUsXquk5425Lm-a2RsN3J7PhcwVttxP5RcIyWyqXQ2_4BTB2DiFJ-zwiNr-9R5DVRPV4BafG3e81b5rz7OwJVerbekY3WVHQ7VsJ4Q5lqy8gikeps0e0vrlZ9Ec1CZ_jv54QXAPpf2SmJQwexHr8q6wM7WvSkRB_k9bhA3F3cMVGnBLEMzgzNaitmiMu4MCJkQm3HrP4aHdigDZtTBhi4wCnFZyssuTays6ZAR-m8q8PdL-4aGXqA2BYGHvqhBzRzlSRzMIL_cujRUHG1aa1XLS5AkzgxL-Z7Dbzk4aGTLS4jeTvFSGXs4By2txy2bSJErAFq1JaVYZ2-1GKj_Mmn6AxY_Y6HnEfI8sUofAUJJUaH5DNHsP6IN8MIroEIYRbWMXyQcRpKIjIJtK9O1Ti9S3S-DG1LBGLYx10jT6_GAs3TeLmMcfxM7W8GUSK2heZTTOuEU5rwhuaop_qVSITz4Lfi9LAvpkj9zUZXvlYlR-cCU_Mm7TBPxheHB7frg0hhq_1RtSGxheC6sw9o6v8v_Jr8066bWis4QaE1UDHh2ySDQwPczJUcMcIXK1yxVV3SanfsT-QRIofDkLMR5oc0NRbyoCb7cMf4kUb7bIUqWoidxm54eZkS-3IE6E4VQo576hrHQeGwXjFfXeXpM4761ybI6PtBJIkvPCX_zCev2HZ8n2lQsrr8AWYiGjCgywhsotoTqFJ8NByWYc0G67PsmrQ78VyWTXR30IYSVHZlOVVe1Fn7mM4g4T-k4yzhfycZ_QFSS-wuW5V8UeQrkdM8Z5mOnmISy2ZxA1NOEwY61UgvfwE87W01pUpnaeMt754H2CvEsIu8KDXm_XbHgE7SGud2HTPy4wf1_0Sk_k6Br3MTWBGRo8AUkWjIPkkSeCAuzrwOLhXaxVCDJqykfhTCczO4XQz966AZX1PwqpKR6ovlspHPCF276neZ7ht8kjk3X1PQa6bfseS1W4ye8xb8t7megKl2ZR6vYSmzYVByeP_CQTFFCcR5MhNerPWnXnT7KgBngWcAIcabhpLg5vDBYQncNnOz3oCGba7jkYfHzVICdJp6ycCMMrB8sObF1gRZrNOG2LXdnDrukL8p9zwLs4gjG0SWNylL9XvacrbcLfT8clCK7Evwjcn0kTM5fWSuktSTylJj51A7O0Lzb0oEhHSYegcRDaLFlTLgK0FRcbSIMQFkD7ZCIv3Zhxg31EMym6_GvLY_y8GdQXnklLfvsyGY-SLKjw2-PFDKk3FFq7sV76KjUOqnpUlqJ1uVRUUcikuPXPvPWH-FGQy-ZCcvw5KU-bdY2hcRpwVxVF-C-BjUVPfQ2wNE_X7YUOXrBu9oy5muSTFsWI2nGGSDC9e04WLBQcoRrfX3geaXTZgd93_nrbJkQTTdiS2MKdNF9T8XF7xsIwLobMoUjzbtXae47MW6Vl7RRCVWgzF5W5oe8J0XheZ95b-PzQSFPcRzcXVyQ8uE131rk5sHlJI0kZSxt7WIp6To3LMykZz4XJz4AW4mM0ASgFzyuH7dNP2TcousyFCMY8CvMoE4NFc9kFFQhQJwUciWJMac5TdWRuVe-q9pQBLYas9UPy57FzZNZveD4VYkLO09XSXgv5FBVs15Eu8nFAUF1XzoNyURXARxtqYup9s0KhM3QX_aDcaOu5UouPVsZv-nblMZCRYuPFcDYf8JRhWfLHjfpcAnj2xW6JnaKoBFzNMH407ohSPaVQs-wx86q52e3leJ5PjRZM4AscJmPgI6WRdzKl_dKPaserBnB-78BNFY48Bi3tTZ_H5EMhJzVHgPTv1Oh_uHz59sfvyaL0XN1TUbw5tgEZYWR-yGNY84pKcYs241-SskLXpfFFaOM-VXHxDqfUCB_hpqzugk-fjIirdqIQnjqWM_Y1zU63KpRTcCKZmnGX7KtqJDqsbdnVxISz9KXmVe4VpaYB1ptbxPYeqsmS1xJvRpjYvyo4otClzjI-2QEpkD8s25u-PPUSkdl0mnxyixBCDjF2ftY4mFMheqKbZi6LEYaspgoVmhaPNAsylA1Oo0A4CaSdUbUzsljug_WbxtdGkAimm1BqdSev_wuCvFgn4OE5rWOfwti-TYG_V6RGaRGEgn3bZzCJi72yyRqhX64qkNJ2jlhY5awDU4e1NBEIJLx4S2ZWnVWMQ_xAQgpLnK1qRgVH27MA0vd-0NE3rdHSiOJQQmn9VSXYCO-azIM&cid=CAASFeRoA9_WC5zA9LHXLOCdx8DnNtu5yQ&rfl=3%2Chttps%253A%252F%252Fytro.news%242%2Chttps%253A%252F%252Fytro.news%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df660fd3ad4168b7c32eadc3b588ee90334003a7ea1af3299536be4e6697fcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9375
x-xss-protection: 0
server: cafe
etag: 6887285106501176819
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 10:00:36 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BF90 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 14:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243955
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 28 Oct 2022 14:19:44 GMT

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55946/ Frame FDD9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEJ8Jb2_0MJNDW5zK_5XcC4c&_origin=1&google_cver=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEJ8Jb2_0MJNDW5zK_5XcC4c&_origin=1&google_cver=1&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJ8Jb2_0MJNDW5zK_5XcC4c&_origin=1&google_cver=1&apid=UP19890a78-3a32-11ec-b200-061375847706

0
1 KB

73ms
12ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJ8Jb2_0MJNDW5zK_5XcC4c&_origin=1&google_cver=1&apid=UP19890a78-3a32-11ec-b200-061375847706

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkq_ClQEwAQ&v=APEucNXuqWDFLCM4n_dquwVvzrTLjU2jUxGvGhVVRgueR5AzrHOOSRVTZSeOoFmm80w6g8MckCWBcqibMYWS_-SAuRUAGwZ0dNt4HcsFO2m7RAWvfhkGawl9eXIIgsy72f-Z-x_0K7C2e5AOWhiM4vbXwRHt0zru7Hvq5PtsJ_6j5PX4s3CHhd0

Protocol

HTTP/1.1

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJ8Jb2_0MJNDW5zK_5XcC4c&_origin=1&google_cver=1&apid=UP19890a78-3a32-11ec-b200-061375847706
date: Sun, 31 Oct 2021 10:05:39 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDD9
Redirect Chain

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP19890a78-3a32-11ec-b200-061375847706
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAxOTg5MGE3OC0zYTMyLTExZWMtYjIwMC0wNjEzNzU4NDc3MDY%3D

170 B
188 B

16ms
16ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAxOTg5MGE3OC0zYTMyLTExZWMtYjIwMC0wNjEzNzU4NDc3MDY%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAxOTg5MGE3OC0zYTMyLTExZWMtYjIwMC0wNjEzNzU4NDc3MDY%3D
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDD9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1WVnlSdndKRTJ1R01mbGthZ3NuM1ZZVS5QZGpFM1RhTn5B

170 B
188 B

19ms
19ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1WVnlSdndKRTJ1R01mbGthZ3NuM1ZZVS5QZGpFM1RhTn5B

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1WVnlSdndKRTJ1R01mbGthZ3NuM1ZZVS5QZGpFM1RhTn5B
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EFE7 398 B
326 B 19ms
19ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGKSV2rIBMAE&v=APEucNV94qkYeY_8o1EZlOKDTL8ZGCBc9orJz25DZblf3yh2ZTzQroWhy4BXitZOPfHXqJiydxYaCCWGfPIah6GoKo_PddxxwAY4FVpCOBCprSLB6kwWu0WRb9nd9zMEIzXOBwykbZDQwyXrrjzfH-MAiClsMy26We-5AwIfQgU8G-mRiZgv83c

Requested by

Host: d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
URL: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 31 Oct 2021 10:05:39 GMT
server: cafe
cache-control: private
content-length: 258
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 14D5 106 KB
38 KB 58ms
13ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/
Origin: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 11:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 31 Oct 2021 11:54:18 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/ Frame 14D5 6 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 09:20:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2631
x-xss-protection: 0
server: cafe
etag: 10983085961369067521
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 09:20:58 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 14D5 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 09:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7760
x-xss-protection: 0
server: cafe
etag: 2659786357195577193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 09:36:48 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 14D5 42 B
107 B 40ms
39ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3QRrvJHNlOl108cnHO3Njk1OZtb1sdgKYcL9sf3SgB_pdAKXUR3TVKXlaAqkzUulbBP_7C_dMGFwIQTlP3eurbN7Abvj5g0W8QbfjW0q83OYBzxg

Requested by

Host: d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
URL: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 14D5 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
URL: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 09:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 09:58:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14D5 120 KB
37 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
URL: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Oct 2021 10:05:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 14D5 14 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
URL: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 10:03:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 14D5 0
0 21ms
21ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcRmId8bZkPXxvGmVGgAJoP-F5eLjDHdxFzRtb6pvqijgkieYuRjqVJBXd9W2vzlvdFKlyO-YR9N-Vs6Q1c638KIg3Fw
Requested by: Host: d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
URL: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js Show response
pagead2.googlesyndication.com/bg/ Frame AA72 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 17:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13263
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 30 Oct 2022 17:00:27 GMT

GET
H/1.1 200
OK l6x6viz526e4 Show response
hal9000.redintelligence.net/zone/ Frame BF90 11 KB
4 KB 287ms
13ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/l6x6viz526e4?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCs-dRcmp-YfCjDMnk3wP984voBo_g-IZTpaOLpMoM8C4QASDUn7knYJXikIKgB8gBCakCLoL0L5Flsz6oAwGqBIECT9B4h6mBPYV6r4nRq2pvyINLqbc1p2OAJSDRoJ2ZVTsXs51PcjFTyb5c1XP--0mWcjzMYZISAvVnI0857R0t2DICb25YhG1qBEdM94CPuReMFCdlten8M37IChtKGdhcJIvYS2Wk39CrvpzdXglgYipKYr8H-2LnJfkt1t1Zr4_ArFNnjv1hhe9gMpjmzeCkpvEpThacACizHqWMZoX98u4gDNCDQwwT14fdhzZJ0LQJEW2gkhK4S5mEeuuAlz1TjWmyp5fOr87_0hv66gEx--az-FXe4RXvTdxiDLmzfcrW_q5Wk9wxSZqf3SP0mFZ68v-C-2duK42JuyIM342OgfPABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoA9_WC5zA9LHXLOCdx8DnNtu5yQ%26sig%3DAOD64_32juyBTovY421upmDoQUnoLSG4Ng%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-CYjBNuPLaMW6V0YH9z31iPYzRvjWrCfJf6nZ1bmS1giKLA5XiTvbOP3WY1FpRqRML19NFM5OdI1eRMl7_tuXdsXfp7mEGf_p1zp2exy-M529vgMl1fNC-dHBmmzRuakTLqUpJZTcOiWXvKZGh-6SaL98t0sA%26cry%3D1%26dbm_d%3DAKAmf-BOWVI69W08Qaxa1UHrplKAiBw8BfMEr2zSv4lIWnUfwzmi1mypUt4a2zG8_FxlzG82npveX8EAup2z_C-qkKXbLIAET2SNj9TmaYNS2RkyOmmiXLDbUI-6j8tJVekcdU2kUv-Nebva3hkUeCQtAPJtxKpBrgUhBVEAwc_Y7wT2fkF1Wp81sPg9bQQdKO-2MeKGOahkdWALdjrQh0aAwQ-UrptZk2NDp2Ezs6d4wQFKh_d-r03G-xOxzo7_yl42he3LIXhIROeoWMN3FcaM1rAmlILjeYlY97d11mNkZzjLOV3_dG7quoWEnlbNKCEZ-4hmdUX3NXKMhmgqKxb2gBXEDVVp58ZCICIdeUUbypzm5zqWstEO6ujXrZsp7qZrARQRL4GChancbC_HGv5nnAAmT3aiAuqjuq4rST0hzyxG4POMGDqBIuJSwDfxUKMfSjnPgMsc%26adurl%3D
Requested by: Host: adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com
URL: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: c35becedf1aafd083633171683f9e043d83a9ca46436519704ebe4014e6b9456

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3931
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 627F 12 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 30 Oct 2021 15:45:52 GMT
expires: Sun, 30 Oct 2022 15:45:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 65987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CCAF 783 B
736 B 25ms
24ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b9312ab6d0b0214474ba986f7a96c1adc8de84c216a9380f27e228f5fc083c37

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3z1R+GIelpG+iAtt8wI0MQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 31 Oct 2021 10:05:39 GMT
date: Sun, 31 Oct 2021 10:05:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-3z1R+GIelpG+iAtt8wI0MQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4026 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 21:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 21:14:20 GMT

GET
H2 200 xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js Show response
pagead2.googlesyndication.com/bg/ Frame FAD7 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 21:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 21:14:20 GMT

GET
H3

200

activityi;dc_pre=CPnUtJ6z9PMCFU3g1Qodlv4MGg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1133112815131.6294 Show response
8019191.fls.doubleclick.net/ Frame 2A58
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1133112815131.6294?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPnUtJ6z9PMCFU3g1Qodlv4MGg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1133112815131.6294?

392 B
345 B

42ms
28ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CPnUtJ6z9PMCFU3g1Qodlv4MGg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1133112815131.6294?

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

2ccb5d9132b24a2a3576932360404be1e140039f0497c1ce82986f92f8391ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 31 Oct 2021 10:05:39 GMT
expires: Sun, 31 Oct 2021 10:05:39 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 31 Oct 2021 10:05:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPnUtJ6z9PMCFU3g1Qodlv4MGg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1133112815131.6294?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900019.redintelligence.net/ Frame 6136 4 KB
2 KB 37ms
13ms Document
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/request_content.php?s=76377400049952300710584011764019&a=279cc441
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0491cdbed5&subid=&uid=cb26269985f4faeb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6e-acmp-YaHKD5OBjuwP9rSYwAKP4PiGU_Woi6TKDPAuEAEg1J-5J2CV4pCCoAfIAQmpAi6C9C-RZbM-qAMBqgSHAk_Q_sj46X928DPa1IxcWol930z1rebbJ5g_PwHiWuoMxUMT1pBoFxmwWheFcIaINVLkFssKXqPXc2bEvZv6O9cRyEGxZQ0vHnIsKzDTcD-vsf4niZShOTZ8jsoVNcOvspt-we7dreeVD9ZNuU6utLimchSyt2J60CEKjTzac1rDV6xHw4cLxKlTNRlv6bgxNdIkOjWHQ59dyKvpDDHS1jMbUIuAQDYHoo4aJfVy-U3aUqjnL12-fLJ1ZM52Lluabv2Ptodm02Mjq8OzP69W5g3mAKEItZ7Gl_AOmDs5EnMPcP2qDuiXfZ8A3Lxvp3FJXf-xSglte7Dbfr_GVJSbt7cTxBMhPGcywAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo1AYB68kc9wK5nOJBbODohg%26sig%3DAOD64_0_qd1psJx87DtNcN9184P0EToYUg%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-CRswRuOfR5Mo_KsTMOVLNq3FnE1-GoD0rZWf4u0hCH_RO6afpG4m9ZpjRD6M5rHI_BAOqmhmbQSPpDqgHqcGqmsccaib319mxIP42rllrRQBmBW1ZZUf_LQYBFb4172Qm8-SCVmbhVcpLnaL2bPLKTzcjaqg%26cry%3D1%26dbm_d%3DAKAmf-ADYxG-q6ZcTtPADTs-P0PIO6y7PAn12UXHrXhnHNRPcybllZyuBHUyBg3NqVDxbAlifGKJnBkqCFScNtlxnZxIBuAN0EQY5ylcTqQ7GNPz2nUAv69q0yT95khsG5kaFSwjOQaxkqBUsE_0uqP8ztGLzrOCk26oZ_Sh-T2iXzM3k6s1xrafCGX98eDFpO9aUzGkFjacC22C2qS1k7DFG2W7IYnFQ-1F8zbYXPpXasjH6MVGyfGR8ejPSstasMPY2tIg295rY9rYrO-qhkjV5Ja4Yqcj_n36aVoD6HMfGnPmpUAvffZ38_zsED37mlDVjQqXP5WcOylM7bc13q6Wsnd8XCdHe8Q11vQxmFU0RP__JSQPIxMrhr5H2QSrUXDW-Ck8zPHRq6xn5M-qLBFGqlLeWWFHbbv-cAh_RrUgoRKZmvkjCnvJ-1H-U0pb1PD8T5pcTrTz%26adurl%3D&documentReferer=https%3A%2F%2Fe1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=https%3A%2F%2Fe1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fytro.news%2Chttps%3A%2F%2Fytro.news&random=5557385533758&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 644bb75cf534daa6afa3e3b95086f18bbc720e8dc15118cd2b8f7d31bb9b6889

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 31 Oct 2021 10:05:39 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1529
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 800A 1 KB
867 B 7ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com
URL: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 31 Oct 2021 08:58:57 GMT
expires: Mon, 01 Nov 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 4002
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5B4E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1891c95fcde12b1a5afdb6f4a956513116296336eb7aeae25b913e2d2730a85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

activityi;dc_pre=CNbTtJ6z9PMCFb4RBgAdo8ABWw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7936933980307.637 Show response
8019191.fls.doubleclick.net/ Frame 0EAC
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7936933980307.637?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNbTtJ6z9PMCFb4RBgAdo8ABWw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7936933980307.637?

391 B
345 B

43ms
28ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CNbTtJ6z9PMCFb4RBgAdo8ABWw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7936933980307.637?

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

adb20dd74cf7a8de79c0e85a58f9262bdddd38d9a9584fb0c2abe7efc846a892

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 31 Oct 2021 10:05:39 GMT
expires: Sun, 31 Oct 2021 10:05:39 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 31 Oct 2021 10:05:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNbTtJ6z9PMCFb4RBgAdo8ABWw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7936933980307.637?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90004.redintelligence.net/ Frame 2D31 4 KB
2 KB 38ms
12ms Document
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/request_content.php?s=87700600058650100710584011764004&a=f475deb9
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=b440350d6f&subid=&uid=c0d1b2e7f60c5b31&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-G5wcmp-YaSRAc6RrASmxI3QDo_g-IZT9aiLpMoM8C4QASDUn7knYJXikIKgB8gBCakCLoL0L5Flsz6oAwGqBIoCT9B_F_L1n3i9trgNNeOpTX--7wyo4LbHH_hVtFMWPfyY1_ebTIyPCR_7EiHKYjLxJDhqnJjNZCHnUS3ZtvIIaYneY-dmThKFElD3p8du5jYagZ6TdPaL3CzKquyx93ZzM34EKf4rtfGAvAz-d3uDOQdaaRQDZBk9Kzz_EQf94gnTII9tjgwSpQ4ZjgDjG70vBEbqAQh_4BCKMcJoddBp4KYfw6GP125CoGGPQeWjMYTIINin1KIDC1YaIkXrucl8JMWTUAeegyOvB6lGnO3N_xC04eVCD8MXphTXj32vIeVHTkJdR9EDvJLCJh96Pu9QRVC-CN9g3ispk9hIj69IKH6bMWHVpp_-afTABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoWNsefSHZZe-u0BT9D0tgF9nkNQ%26sig%3DAOD64_3TGpn3OM04iGx6H_MEEpDP6IxWGw%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-BB8oY9Vii-haXePaAuoddvRtq_bULiRJiZMt15BSQe5LQpwfPUHMV7TupafPFS7x6FNdKpAMX3RO1xPoo-NOgRMGlNCq23-AvdjOiLXBr41wFogZxFU_qoiOCB7pbclImYay6s_ZjYrivvg1WlH83NNyWsnQ%26cry%3D1%26dbm_d%3DAKAmf-DCHbZd9jI457yP_ovnsCRc7P6McKNfNzECsTaqy5YKD0bf_yA9dbjrrgaPFwOXBbru31QS7QuSkpWWS2YsIi9MI6l5HLwlETsrHfCJIiB1bewg9B5TiqC1HX8EMgaZwabK0tqPlWjyj1ydBZ0WT8VvCy142GJOBIikUs71tawlNzwSFUtgYbc1Vg_yAQEAaqtZfCPQjeRAquiz1IcUQBfO71711GGOCxvBcsfEk0APz18zTiAQ2G5oVCED-wRSEPQ_vBpCayig8tmx_emTMvuQj2IiOG-9TKOhA2RvI5c_EFyPZMUsLUK3hieXRJxI_NWJy3S9auBEObtVavQpXU7-p_3P2RANTOR75FZ23-xKCpBwtL-68a8a_xsliZtzosPPKY7GG7uaMnRXgk0s35jny8zRL3mMqi-bAyEDUWyvju_0MugSzPxMW1Ie6r6zRfOABC4e%26adurl%3D&documentReferer=https%3A%2F%2Fytro.news%2F&ancestorOrigins=https%3A%2F%2Fytro.news%2Chttps%3A%2F%2Fytro.news&random=8216601609617&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 29c8710f5d6f431a85411fc314b967f2599286b21b8c7481f304c437f7ca87af

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com/

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 31 Oct 2021 10:05:39 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1527
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 21C4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c1e71adb481278837affa87a797cc7444bf3f4b86b8e007d09272d5653a5593

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame EFE7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEG0u1D_Wnh8dw5uZoE4Sv0A&google_cver=1

43 B
163 B

78ms
24ms

Image
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEG0u1D_Wnh8dw5uZoE4Sv0A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGKSV2rIBMAE&v=APEucNV94qkYeY_8o1EZlOKDTL8ZGCBc9orJz25DZblf3yh2ZTzQroWhy4BXitZOPfHXqJiydxYaCCWGfPIah6GoKo_PddxxwAY4FVpCOBCprSLB6kwWu0WRb9nd9zMEIzXOBwykbZDQwyXrrjzfH-MAiClsMy26We-5AwIfQgU8G-mRiZgv83c
Protocol: HTTP/1.1
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:38 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEG0u1D_Wnh8dw5uZoE4Sv0A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame EFE7 43 B
163 B 152ms
22ms Image
image/gif 185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGKSV2rIBMAE&v=APEucNV94qkYeY_8o1EZlOKDTL8ZGCBc9orJz25DZblf3yh2ZTzQroWhy4BXitZOPfHXqJiydxYaCCWGfPIah6GoKo_PddxxwAY4FVpCOBCprSLB6kwWu0WRb9nd9zMEIzXOBwykbZDQwyXrrjzfH-MAiClsMy26We-5AwIfQgU8G-mRiZgv83c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:39 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H3

200

activityi;dc_pre=CJLEtZ6z9PMCFc-AUQoda60OCg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2481449202029.995 Show response
8019191.fls.doubleclick.net/ Frame 3775
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2481449202029.995?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJLEtZ6z9PMCFc-AUQoda60OCg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2481449202029.995?

391 B
343 B

29ms
28ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CJLEtZ6z9PMCFc-AUQoda60OCg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2481449202029.995?

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

9899c1b1b7d79b5c20c8253d35fc0641df0289c542ce194debc12f5cbe22cc5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 31 Oct 2021 10:05:39 GMT
expires: Sun, 31 Oct 2021 10:05:39 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 31 Oct 2021 10:05:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJLEtZ6z9PMCFc-AUQoda60OCg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2481449202029.995?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900027.redintelligence.net/ Frame 78D6 4 KB
2 KB 35ms
11ms Document
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request_content.php?s=80669300059114201084668011764027&a=bcde8978
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=mz3e4ljusno6&nw=20&renderingType=javascript&namespace=22e14b1660&subid=&uid=4fd9dc4be9f4a96b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAU_lcmp-Yf7FCvKGjuwPnq6E4AGP4PiGU921i6TKDPAuEAEg1J-5J2CV4pCCoAfIAQmpAi6C9C-RZbM-qAMBqgSBAk_Ql-XUk3DSRuAy1684M--ATuXbY5B103yfE9pgy7R-3pZEgpg37UukXlImWRZTd1f0Yk_3XdN0i3lB6NJTHNNyUfR_fUxONWl9RQoj-Ahrwvvsd_E8U_AJZd8jG50uYXZcyM8f8eCBLOoYu4WOxUY1dTY3jMYrN0I2HnNCEZIx7Kg9j3z1aLB17aWzZ6az0cmt1QNzA6y4cx0wY1eFkLaKmyYXdV9Bw-VbbUj9Mej7LZKhilGB8EQAXorDNXHMx-sbD7m-B6UZfUujiXJM-8qoGZoa6LnxpuVhXufl5-kEiVZ3V6HMNC6z44VfVQ-2Fhml7FrzPPS0EStgwvMf9ZoawAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6S3l8rOBcMKTrzs9vdNF75UNYw%26sig%3DAOD64_3fRQgOB6h_sRXtxeqvInc1ZzKQIA%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-AoRb_MvNq-c0Vud6fM-Y4K7ZC9kKiYQTVmJfkdcvurGQYElWVOui2tf0TPgI4UA7g31gOTAo2x9HwyFfbH9zF_AUPP8t4UgQRSkvNNfaDY4rlYGhbfBmRmvnIBn09rA0Jj1MMIvrLErafLJaLOiKKjDNOFdQ%26cry%3D1%26dbm_d%3DAKAmf-AvEsfTtiDsboYwFm5ghYq7bjJCR8PXPMTv3GkS40oWPotd1ctxrwZ-0qmtVmWOQv8EMUnXN1RsSEqYGck23GD0CxKYAjZOQ4NeKwRcICxmwUSp8AMmmCQUPjUts1ICY4MmJ_vn71bqJCQWJ1sB8KXMQv827Vj_B9CHHqgNX1zlnrG-ohwScU4IfFTAqQYpqDdEnG-YOf_vgPJR9OUWPROiEVzOIRmLlcNFhJhpTdnra85Rrp8WiEND9RkLGqy5y_g-kxiUQ_7tsUKtUyVzy9FTDVFXSRRfo9r7E4ERa1RrW9MBmto6DetiZq9aAGABmYb-gtrsQyCBUhb1YjWwIps5nAlHKA3QY2FVzeyGoPdeDcYRr_ewbgvnmkZBsn0yxd-9cvHAQYlvovqCZ8IRDTkvAGbq9Kvv_h9pOzUg4_zTQtwEk7RHAvkla4VpCub8NqgzPKbW%26adurl%3D&documentReferer=https%3A%2F%2Fc0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=https%3A%2F%2Fc0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fytro.news%2Chttps%3A%2F%2Fytro.news&random=9912687736375&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 1cc3e70df287e010577f59eb584d5b1be35970aab7ae5f3914d6decfdef509f0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com/

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 31 Oct 2021 10:05:39 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1416
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 942C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d318e996c63c24da67e6bc764dada6ee81b1ab887e9914455c8755b6e012ce49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DEFE 22 KB
8 KB 14ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 27 Oct 2021 14:26:02 GMT
expires: Thu, 27 Oct 2022 14:26:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 329977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/ Frame C80C 5 KB
2 KB 351ms
14ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f10db5ca926522b5afa9f275367f169096c4ae5a1daaa6109b161e7db3d9359a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1642
date: Thu, 28 Oct 2021 22:35:55 GMT
expires: Fri, 28 Oct 2022 22:35:55 GMT
last-modified: Fri, 20 Aug 2021 18:44:56 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 214184
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 14D5 0
571 B 83ms
54ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrzFCBP4kd6sDiNk8eqyoe6APWWopn0SWFVtHD8oKIxhIr1mKvCZSoGyR40qjIVkfNFAoOXXlKrWO39hym8qtgKL9rZNFQJV7844mDxcxAL_yGdV9kYWp4g_iGFi0-FBpYkhtxjzBqYK6IxT7X6ts1oMuXxGAu43lq7EdZwrQIgjajuF88YWhQBksIdidyQVyarjuQxcCgFDKrCw-gHBKhQ50NLwjUZDmOkpZ6IYTXm8UYcSKgk7ooS-Cq_BxWifeaf_FhsF8Qt0hI8ab2v3DOvx0gF4RY7J3r_moZZWWapihkw1JGuUpASVkUCN0qiWg8PMjdGso5OTk9R-YKc6TRJskSj7n93qnDXcx-AKPWVZLNSQpb-86W7x8Ql9Lk0CPMiFZFhd12CBsc4OFKt2w5-Y74J7BNMRR38V2x1N6Rf6OU1NQ2X0JrvP3xTXwpRyXYkuI4AxygXW_Pt543Dqi56CdeUW27VYugB3u8u6Ru_KL0KJUGaubuixhY5jRXvAdZZuyX45W2lgoZsNJfGFqcdtRI3ZZS0XnkGHB832wmvUogSvjv7ZE4Ue2DnRgVBQO0v02N4b8DJn974egphJvnz2EAcBYXRMT8kxZLDIA9GK2-ReyIz2Q-Gm8XWcj8m_fVHws7rt1jZajQoTJTpzanQRY8PWoeRPzZMn0tJBKeVqJ75QvUqvu1oSxNEpiBHVtN3dD88MYSGVtEyvUVYXvGqB-R0X87HMd3EgOjKvLDK-P1PHwvR5i5R2rHxXkgeLxRZeCVUV0dy9I8JFeKiJDdnASoxnV3nuv8mULf58Zduh8tyCPkL43eETk_4Dnl2Qu8kz0iysVjIoHL8RXfwSIvjdG6b3rjzJHZmsgsZSvy4OAwlCVlwwGj5a-LtiFkAWUzSarGgdxZxC2iwp5UFzzj3_hKfR0jSi50vARCwZlL0vHAOhDsWA5xuGrmVDOKTNeO--LTF8fjWxH3NJ2Ek_UzcsAiwRRGGmQ2WvtFSaUZypLCcUVjWMSEPi5gPTJJGvVXPcgdxAjwctohxsg6k-qxznhkBecxzGl_jbirT1xgu3SoiWWN1NCDMdFP1TZPFGmJHYP18RiIzMwa7deW7w8eTKYeF2lCPql7dqLXLeAvERDFEcnfuM9fuKCPRqZCiKW6R68jkEY0okylf7oL1QHYMp68ml3ZmtPjULsJQZLB5JrXm5deQJCig_teQLknJtw4Vb3PgCWmUVjPegSNlav-eTxU5RPjny9pb0isHWIkd8fhqjg5E8Z1diwXq41uZEnSLvV5f4xi74KWBLBZkLvC7AHQ&sai=AMfl-YTENxjYm61_cDoAQrh8YDtUpnADXRqbCtkQagR4KGQb1-eJJSFbmCKUo7v9dHQ2ef6w1VM9Hffd59ey8UlomXo5sUj8S9z1NvFBJhEhT6wDryv0_Dzb82t_RuR6kIf-mghhaNT_klDuvLfOFLorIYb2mi_YwU9ZnCkae_Y1GKbb2M9oPoOlmtBndjZwXdejJXjNfc7WZQyhVXtLuoofQKs7BQW8j5vTEwqowlqOiOzxMxp-gAreV0wWiHXU-hykp6AibwHwREuQenKW7iVzmV3keTOPa8vkO-Vebs4r7nAH4XkQUgwW6unm34p_Vyg4&sig=Cg0ArKJSzDonoReYVHeJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=179&cbvp=1&cstd=177&cisv=r20211027.66342&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 31 Oct 2021 10:05:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E3B 0
56 B 43ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102501&jk=2812272174523185&bg=!EhGlEVXNAAbUs_yW1LM7ACkAdvg8WkNUf6WvyC07nmwhyqDwxyAT5xL-_sO3qQEYoX1WP-0rb-hj1gIAAAG9UgAAAFFoAQeZAsmh_Xy02bzx7PtSAKsuiBrh9r9VahRvxVBPiQNdpfpOXvTWiXKksRSdJvUQYGADKB54D8eXUrKm-_WmtyqLPRwaTuz9eB4Joga-iIhqRaWXL6y7G3c3Zm_aNKaT8Qyh1GBWtUBZssZ4EttVb3tKnXK9i_aYiSxVrVEWrME019qfNWzkDEJ5vxr_3_LdSrt0IW6lh8EOIjcrgZluBEXoMIQrACUNxwbSlUfXq4A_Lk3yersEVNTTWu2BGZJRh52hlEyMn-1NuDMBqsHMPyy1a_jFmrHzgny3853fV_jnERF-5DVdTYD9rCNuTmXlZHogRqOyS2DoPiesQhnvdnKfytYW3I2V9rUpWY-jS_laa1PfqFX6Qs8QMgXpPFIUTL2-AJ8zlmxPo6AvFcNy8y7yzgcOSo8DZVGoe1XPgOWlOmBykNmi3omV722HyWhZ-BXCdYulxFYwg8v4nAOpMI688wu8DA45DydNPhuT0o3j3ghcyn1mCt2dNwhXvzVCsTzApkG1nLtdRNy7-w1PMV3fMOeLBJN1AZDHh9juQtOvxkroTbg-79yoL4Jnhg4JheSnzVCeK5RtcYLoXsTfjsJNYlgonxOhFn7JarxnvQ68JO6_W3bFylnL70kxVoVUxWYum-mgya0yjJ1coOpsZXNq4z0waa0iGDv_0-kdO3G96ceIIQ422nYZNuUx4ZwGx4-zOSklvUjC6_Qv6jaP_QrSvn5YPVEZClJ01ReHdElz9wvr5JB03T5TaIpbFgvNZn8j0KTo4fEaLbP-t7vppcSVVcG3fwM7BkKCqn1GZS7RZ545zvMKBItehN_w9GkySZfgDB4OrMdYPisXmncdHAHeVQa7ZRN36DxdEfBa2KmPrIkcWlXICWXTmmTnXHCPmMlJGJFtrJxyXpd1ek_SP9XbcQ9qTCRA9aVYM-Sk3-5R7hYmf8ZZ73MeZC8Ihg

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B5C2 0
0 60ms
59ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102701&jk=3461071576580863&rc=
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 14D5 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
URL: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 14:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243955
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 28 Oct 2022 14:19:44 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CA93 1 KB
783 B 7ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
URL: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 31 Oct 2021 08:58:57 GMT
expires: Mon, 01 Nov 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 4002
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 14D5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ca4a1b703f5e89ab1526390af87d1d72077e452251811e37d8bff386fcb4e0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js Show response
pagead2.googlesyndication.com/bg/ Frame 77EF 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 21:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 21:14:20 GMT

GET
H/1.1 200
OK 300x250_OMAC_2016_Launch%20(3).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 6136 52 KB
52 KB 53ms
12ms Image
image/jpeg 54.36.108.3
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/300x250_OMAC_2016_Launch%20(3).jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=76377400049952300710584011764019&a=279cc441
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.108.3 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3112796.ip-54-36-108.eu
Software: nginx /
Resource Hash: 23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Last-Modified: Mon, 20 Jun 2016 09:16:21 GMT
Server: nginx
ETag: "5767b465-ce63"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 52835

GET
H/1.1 200
OK 300x250_OMAC_2016_Launch%20(3).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 2D31 52 KB
52 KB 36ms
10ms Image
image/jpeg 54.36.108.3
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/300x250_OMAC_2016_Launch%20(3).jpg
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=87700600058650100710584011764004&a=f475deb9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.108.3 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3112796.ip-54-36-108.eu
Software: nginx /
Resource Hash: 23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Last-Modified: Mon, 20 Jun 2016 09:16:21 GMT
Server: nginx
ETag: "5767b465-ce63"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 52835

GET
H/1.1 200
OK viewability Show response
hal900019.redintelligence.net/ Frame 6136 0
150 B 37ms
12ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/viewability?s=76377400049952300710584011764019&a=d9408019&vb=m
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=76377400049952300710584011764019&a=279cc441
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/request_content.php?s=76377400049952300710584011764019&a=279cc441
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 6136 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 297D 0
56 B 45ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102601&jk=1268488247248340&bg=!5-Sl5KDNAAbUs_yW1LM7ACkAdvg8WkzkRbDEGVUarVzdnC_CaV6dOV5PjMSCUPDLGzPZc9RBeuNhcwIAAAGBUgAAAHNoAQeZAtQ6BlG7Rs6x9NaaUPil49Kfttk-2IsZGwCEkFVngU_Q8zTjCjJPSv1eIfFfEiw8F2omxMwiQffOZkN-XnjFizZSj0cUST8WSSzfnb5UQtIpSwQma1nG-hsLhwcIYm_t76E-kIZu2upgJvSGpPXXULEnrsvIAj19_ca9JQhXfDDE1Dx6pSpmbQUNmwdulc2YVXkuCuz01pEqnZMGYV_JvoEU82jTlpQwET9PYu6mCpQ7xa85kSZ0tz4xa6SWpMI4w_pZAV4rA6_LOvo1M-xvQQvm5dmNN1tYP6kwhSy3FvT3ehb1vmPECydHPQG7n7Bwf7dmyav7Wgx5wgk8hpBx2zBJnIJFjjEC1CIr-_edPem7x1WTE8l4hoLjAwrl_joYNaYv___d-fiqZL6QbYj5aFdq39OFM9H4jmRYejLmknJozYSK-Zyr1uU7dxyCYfpuhnRWRuCJIozyhLrbstef2qD5-RZjH3jPJ9emsfgsQrfJJmNwPRuvJSNJM3hycHzeGiyuVyRaxjtQl9vxTZP0v5zNddeiSOiPMCcG8SNUGuh5ShKR-4C8g5n9f3n3bf0rTItVCtyzoI7vxIIfFVgGZ2cAAXozOA4CDuGpcaorDggD_FFaw6f4L5LgLxpunnqOMJ4kiXzjyIQObFfyLxRFLm75d8fyTKAfewrjvEGRES4VuS9yjvcl_USFs_PPrcwEnUQGgJcm1vuoGNtontXMKDzV956xxlyo6jNp_uFhTWPLV01VwK_go8irlYXxVpAHL30bk-vlTK6FH6OOSqFcFBWrmidsmqZZZOPmJYWzBp9eUuBsOKUZmITP0HeOr-xu3VMiHHQLNZPnnjVsZBxT6ogP5gBRZmvYeaUUOARYMq5Q2Ah7YEp4BksRuZ0fcuJSvPWH7I_eGwTofYHR7YNSRknYRgG4NWK8G0udNh-J5l_tQlxiG0qS7oVfKeZwhokwBNuB3s7M

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK S-970x250.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 78D6 85 KB
85 KB 40ms
10ms Image
image/gif 54.36.108.3
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-970x250.gif
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=80669300059114201084668011764027&a=bcde8978
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.108.3 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3112796.ip-54-36-108.eu
Software: nginx /
Resource Hash: 3e7f0b6867ed354dd33d9c2c70d8949d0d0e02ed799e9789e244d3d6ffd8e908

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-15446"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 87110

GET
H2 200 dc_pre=CPnUtJ6z9PMCFU3g1Qodlv4MGg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1133112815131.6294
adservice.google.com/ddm/fls/z/ Frame 2A58 42 B
262 B 51ms
51ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPnUtJ6z9PMCFU3g1Qodlv4MGg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1133112815131.6294

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPnUtJ6z9PMCFU3g1Qodlv4MGg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1133112815131.6294?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNbTtJ6z9PMCFb4RBgAdo8ABWw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7936933980307.637
adservice.google.com/ddm/fls/z/ Frame 0EAC 42 B
107 B 51ms
50ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNbTtJ6z9PMCFb4RBgAdo8ABWw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7936933980307.637

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNbTtJ6z9PMCFb4RBgAdo8ABWw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7936933980307.637?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJLEtZ6z9PMCFc-AUQoda60OCg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2481449202029.995
adservice.google.com/ddm/fls/z/ Frame 3775 42 B
107 B 50ms
50ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJLEtZ6z9PMCFc-AUQoda60OCg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2481449202029.995

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJLEtZ6z9PMCFc-AUQoda60OCg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2481449202029.995?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90004.redintelligence.net/ Frame 2D31 0
150 B 37ms
13ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/viewability?s=87700600058650100710584011764004&a=ec5e0803&vb=m
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=87700600058650100710584011764004&a=f475deb9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/request_content.php?s=87700600058650100710584011764004&a=f475deb9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 2D31 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js Show response
pagead2.googlesyndication.com/bg/ Frame 8965 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 17:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13263
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 30 Oct 2022 17:00:27 GMT

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame 78D6 0
150 B 35ms
12ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=80669300059114201084668011764027&a=217b3a5f&vb=m
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=80669300059114201084668011764027&a=bcde8978
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=80669300059114201084668011764027&a=bcde8978
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 78D6 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 800A 0
104 B 133ms
65ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEI302N7fFbY12rHLT2xTBjw&google_cver=1&google_push=AYg5qPKpZUrq9wrO_7qVx6tn-Y2hhrwv5QOAUdcTfS8DvofU6zCzBNFkw4YVBp9sTJItQs9XCDo6nsHhaxfvJB-TKcQwnJTwkn0
Requested by: Host: e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com
URL: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 800A 0
191 B 109ms
29ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHxYiziMkYyCk6pGo9K_e0o&google_cver=1&google_push=AYg5qPKvfMScsRrD3BpEjLtOg5Mgf7jF64ER4ZYXCwUFilg0Yxif0AHr2E_EqAtxIEV5U1ikJcPQPejxVwCZ-efktSDYV9UW_WU
Requested by: Host: e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com
URL: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 800A 0
141 B 49ms
14ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEK8vTb7N42JHbFQw-gxeWzs&google_cver=1&google_push=AYg5qPI-LKkjWV9kQRGhSpIcjaM9vLp9AQIxjeL3pE6oWjlp-w07GR2RAnu4dhvYsyObuPr1sKNryqkd6AsSv5xOnGeJMOhy1w
Requested by: Host: e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com
URL: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:39 GMT
via: 1.1 google
alt-svc: clear

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 800A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPc_gSiAjvRGwSJFOd7OhBI&google_cver=1&google_push=AYg5qPKpSQJpjyT6pcq617-yem22UoEnnSM65U2TOC75mPrWdcsvnYDu3bb8S2Anyo7m5WCP4szB3SenWQ8n_PkLT7FwSLetzw
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKpSQJpjyT6pcq617-yem22UoEnnSM65U2TOC75mPrWdcsvnYDu3bb8S2Anyo7m5WCP4szB3SenWQ8n_PkLT7FwSLetzw&google_hm=MjQzMzU2MjA3MzQ0OTExMjgz...

170 B
188 B

17ms
17ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKpSQJpjyT6pcq617-yem22UoEnnSM65U2TOC75mPrWdcsvnYDu3bb8S2Anyo7m5WCP4szB3SenWQ8n_PkLT7FwSLetzw&google_hm=MjQzMzU2MjA3MzQ0OTExMjgzMg%3D%3D

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 31 Oct 2021 10:05:39 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKpSQJpjyT6pcq617-yem22UoEnnSM65U2TOC75mPrWdcsvnYDu3bb8S2Anyo7m5WCP4szB3SenWQ8n_PkLT7FwSLetzw&google_hm=MjQzMzU2MjA3MzQ0OTExMjgzMg%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET

pixel
cm.g.doubleclick.net/ Frame 800A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXU...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 800A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEObWMa555iWGY5Evtn9fUGo&google_cver=1&google_push=AYg5qPJYA4cNV79kr0mCmdpPbO8Kr90ef1Xg2vK_3-TDePBcLBJ8qS83fkHvQGK72xw4p0nLYPfZcekxys8LABz6...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJYA4cNV79kr0mCmdpPbO8Kr90ef1Xg2vK_3-TDePBcLBJ8qS83fkHvQGK72xw4p0nLYPfZcekxys8LABz6ejBHmYFDqQ

170 B
188 B

19ms
19ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJYA4cNV79kr0mCmdpPbO8Kr90ef1Xg2vK_3-TDePBcLBJ8qS83fkHvQGK72xw4p0nLYPfZcekxys8LABz6ejBHmYFDqQ

Requested by

Host: e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com
URL: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 31 Oct 2021 10:05:39 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJYA4cNV79kr0mCmdpPbO8Kr90ef1Xg2vK_3-TDePBcLBJ8qS83fkHvQGK72xw4p0nLYPfZcekxys8LABz6ejBHmYFDqQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: PeXidR2ZtS860GE6nIBxk-pEdNTZ_3iKW5_aKzqXAEd4knP138fugA==

GET

pixel
cm.g.doubleclick.net/ Frame 800A
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEKn3P2ICjthCG7OF0YEo0ec&google_cver=1&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKn3P2ICjthCG7OF0YEo0ec&google_cver=1&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 800A 0
12 B 16ms
14ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXYlMEcqUsrmIdsDKGRqVb3_M60rJwh5If_OvXUFTopFA86b4zc-Z22ruE9rN6c8fEv6Vt

Requested by

Host: e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com
URL: https://e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CCAF 0
0 63ms
61ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102501&jk=3012842546461920&rc=
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 731D 22 KB
8 KB 15ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 27 Oct 2021 14:26:02 GMT
expires: Thu, 27 Oct 2022 14:26:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 329977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request.php Show response
hal900027.redintelligence.net/ Frame BF90 613 B
935 B 103ms
79ms Script
application/x-javascript 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request.php?zone=l6x6viz526e4&nw=20&renderingType=javascript&namespace=de6544072e&subid=&uid=1df2f82bf646c917&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCs-dRcmp-YfCjDMnk3wP984voBo_g-IZTpaOLpMoM8C4QASDUn7knYJXikIKgB8gBCakCLoL0L5Flsz6oAwGqBIECT9B4h6mBPYV6r4nRq2pvyINLqbc1p2OAJSDRoJ2ZVTsXs51PcjFTyb5c1XP--0mWcjzMYZISAvVnI0857R0t2DICb25YhG1qBEdM94CPuReMFCdlten8M37IChtKGdhcJIvYS2Wk39CrvpzdXglgYipKYr8H-2LnJfkt1t1Zr4_ArFNnjv1hhe9gMpjmzeCkpvEpThacACizHqWMZoX98u4gDNCDQwwT14fdhzZJ0LQJEW2gkhK4S5mEeuuAlz1TjWmyp5fOr87_0hv66gEx--az-FXe4RXvTdxiDLmzfcrW_q5Wk9wxSZqf3SP0mFZ68v-C-2duK42JuyIM342OgfPABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoA9_WC5zA9LHXLOCdx8DnNtu5yQ%26sig%3DAOD64_32juyBTovY421upmDoQUnoLSG4Ng%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-CYjBNuPLaMW6V0YH9z31iPYzRvjWrCfJf6nZ1bmS1giKLA5XiTvbOP3WY1FpRqRML19NFM5OdI1eRMl7_tuXdsXfp7mEGf_p1zp2exy-M529vgMl1fNC-dHBmmzRuakTLqUpJZTcOiWXvKZGh-6SaL98t0sA%26cry%3D1%26dbm_d%3DAKAmf-BOWVI69W08Qaxa1UHrplKAiBw8BfMEr2zSv4lIWnUfwzmi1mypUt4a2zG8_FxlzG82npveX8EAup2z_C-qkKXbLIAET2SNj9TmaYNS2RkyOmmiXLDbUI-6j8tJVekcdU2kUv-Nebva3hkUeCQtAPJtxKpBrgUhBVEAwc_Y7wT2fkF1Wp81sPg9bQQdKO-2MeKGOahkdWALdjrQh0aAwQ-UrptZk2NDp2Ezs6d4wQFKh_d-r03G-xOxzo7_yl42he3LIXhIROeoWMN3FcaM1rAmlILjeYlY97d11mNkZzjLOV3_dG7quoWEnlbNKCEZ-4hmdUX3NXKMhmgqKxb2gBXEDVVp58ZCICIdeUUbypzm5zqWstEO6ujXrZsp7qZrARQRL4GChancbC_HGv5nnAAmT3aiAuqjuq4rST0hzyxG4POMGDqBIuJSwDfxUKMfSjnPgMsc%26adurl%3D&documentReferer=https%3A%2F%2Fadaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=https%3A%2F%2Fadaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fytro.news%2Chttps%3A%2F%2Fytro.news&random=167871031572&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/l6x6viz526e4?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCs-dRcmp-YfCjDMnk3wP984voBo_g-IZTpaOLpMoM8C4QASDUn7knYJXikIKgB8gBCakCLoL0L5Flsz6oAwGqBIECT9B4h6mBPYV6r4nRq2pvyINLqbc1p2OAJSDRoJ2ZVTsXs51PcjFTyb5c1XP--0mWcjzMYZISAvVnI0857R0t2DICb25YhG1qBEdM94CPuReMFCdlten8M37IChtKGdhcJIvYS2Wk39CrvpzdXglgYipKYr8H-2LnJfkt1t1Zr4_ArFNnjv1hhe9gMpjmzeCkpvEpThacACizHqWMZoX98u4gDNCDQwwT14fdhzZJ0LQJEW2gkhK4S5mEeuuAlz1TjWmyp5fOr87_0hv66gEx--az-FXe4RXvTdxiDLmzfcrW_q5Wk9wxSZqf3SP0mFZ68v-C-2duK42JuyIM342OgfPABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoA9_WC5zA9LHXLOCdx8DnNtu5yQ%26sig%3DAOD64_32juyBTovY421upmDoQUnoLSG4Ng%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-CYjBNuPLaMW6V0YH9z31iPYzRvjWrCfJf6nZ1bmS1giKLA5XiTvbOP3WY1FpRqRML19NFM5OdI1eRMl7_tuXdsXfp7mEGf_p1zp2exy-M529vgMl1fNC-dHBmmzRuakTLqUpJZTcOiWXvKZGh-6SaL98t0sA%26cry%3D1%26dbm_d%3DAKAmf-BOWVI69W08Qaxa1UHrplKAiBw8BfMEr2zSv4lIWnUfwzmi1mypUt4a2zG8_FxlzG82npveX8EAup2z_C-qkKXbLIAET2SNj9TmaYNS2RkyOmmiXLDbUI-6j8tJVekcdU2kUv-Nebva3hkUeCQtAPJtxKpBrgUhBVEAwc_Y7wT2fkF1Wp81sPg9bQQdKO-2MeKGOahkdWALdjrQh0aAwQ-UrptZk2NDp2Ezs6d4wQFKh_d-r03G-xOxzo7_yl42he3LIXhIROeoWMN3FcaM1rAmlILjeYlY97d11mNkZzjLOV3_dG7quoWEnlbNKCEZ-4hmdUX3NXKMhmgqKxb2gBXEDVVp58ZCICIdeUUbypzm5zqWstEO6ujXrZsp7qZrARQRL4GChancbC_HGv5nnAAmT3aiAuqjuq4rST0hzyxG4POMGDqBIuJSwDfxUKMfSjnPgMsc%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 043ab84fa7787a60dfaa075c6d5f343c94e647ae8c6b61d357abf9ef8b091f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:39 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 89228100059115000710594011764027
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 329
Expires: Sun, 31 Oct 2021 10:05:39 +0100

GET
H2 200 xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js Show response
pagead2.googlesyndication.com/bg/ Frame DEFE 35 KB
13 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 21:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 21:14:20 GMT

GET
H2 200 C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js Show response
pagead2.googlesyndication.com/bg/ Frame 627F 35 KB
13 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 17:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13263
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 30 Oct 2022 17:00:27 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA93
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDp7-u6mO2W0bUyLaxOldao&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDp7-u6mO2W0bUyLaxOldao&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aGpxc2haV1AxTUg3SUQ1&google_gid=CAESEDp7-u6mO2W0bUyLaxOldao&google_cver=1&google_push=AYg5qPIYkj0VGTXAKjsgxg6mthsjikBWEjb-pQiBkQkzSGh...

170 B
188 B

17ms
17ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aGpxc2haV1AxTUg3SUQ1&google_gid=CAESEDp7-u6mO2W0bUyLaxOldao&google_cver=1&google_push=AYg5qPIYkj0VGTXAKjsgxg6mthsjikBWEjb-pQiBkQkzSGhyw2spSMdWq2QhZBJh0OxvbHgzr1vWBCmL2ApNLb0zRHKbPyN1coSV

Requested by

Host: d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
URL: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aGpxc2haV1AxTUg3SUQ1&google_gid=CAESEDp7-u6mO2W0bUyLaxOldao&google_cver=1&google_push=AYg5qPIYkj0VGTXAKjsgxg6mthsjikBWEjb-pQiBkQkzSGhyw2spSMdWq2QhZBJh0OxvbHgzr1vWBCmL2ApNLb0zRHKbPyN1coSV
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame CA93
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEA4WVf4iqm4q8ted2VgO8O0&google_cver=1&google_push=AYg5qPIpsNW2YsOK4mz6WXWbzDGLFxWXBfIpq498KrmMYOS2dOVBc1enWqt9oFKf9ZM3RxG3EkNZftYn27h2vT4AlZebAGDrFe4t&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA4WVf4iqm4q8ted2VgO8O0&google_cver=1&google_push=AYg5qPIpsNW2YsOK4mz6WXWbzDGLFxWXBfIpq498KrmMYOS2dOVBc1enWqt9oFKf9ZM3RxG3EkNZftYn27h2vT4AlZebAGDrFe4...

43 B
442 B

224ms
205ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA4WVf4iqm4q8ted2VgO8O0&google_cver=1&google_push=AYg5qPIpsNW2YsOK4mz6WXWbzDGLFxWXBfIpq498KrmMYOS2dOVBc1enWqt9oFKf9ZM3RxG3EkNZftYn27h2vT4AlZebAGDrFe4t&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIpsNW2YsOK4mz6WXWbzDGLFxWXBfIpq498KrmMYOS2dOVBc1enWqt9oFKf9ZM3RxG3EkNZftYn27h2vT4AlZebAGDrFe4t%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
URL: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:40 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a6c10f46ea83752-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 212
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a6c10f30be13752-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA4WVf4iqm4q8ted2VgO8O0&google_cver=1&google_push=AYg5qPIpsNW2YsOK4mz6WXWbzDGLFxWXBfIpq498KrmMYOS2dOVBc1enWqt9oFKf9ZM3RxG3EkNZftYn27h2vT4AlZebAGDrFe4t&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIpsNW2YsOK4mz6WXWbzDGLFxWXBfIpq498KrmMYOS2dOVBc1enWqt9oFKf9ZM3RxG3EkNZftYn27h2vT4AlZebAGDrFe4t%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA93
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFmJZ-59LiGl2hGUEOtzvfc&google_cver=1&google_push=AYg5qPLBB47xdBC1NXVDxyATR4NGLmm0Gu29EVqseAkpk805Oibff4tkFVkqQL6gs2g_295Y6I4uAOjVLB6KKk...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyNTE2OTUxMDkxMDg1MTIxNw%3D%3D&google_push=AYg5qPLBB47xdBC1NXVDxyATR4NGLmm0Gu29EVqseAkpk805Oibff4tkFVkqQL6gs2g_295Y6I4uAOjVLB6KKkLBrf...

170 B
188 B

16ms
16ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyNTE2OTUxMDkxMDg1MTIxNw%3D%3D&google_push=AYg5qPLBB47xdBC1NXVDxyATR4NGLmm0Gu29EVqseAkpk805Oibff4tkFVkqQL6gs2g_295Y6I4uAOjVLB6KKkLBrfsR_M4LU6A

Requested by

Host: d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
URL: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyNTE2OTUxMDkxMDg1MTIxNw%3D%3D&google_push=AYg5qPLBB47xdBC1NXVDxyATR4NGLmm0Gu29EVqseAkpk805Oibff4tkFVkqQL6gs2g_295Y6I4uAOjVLB6KKkLBrfsR_M4LU6A
Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA93
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECrZEfIEJu1OBvtQSSLlSjo&google_cver=1&google_push=AYg5qPJPStu0tB7Bo60OITk5Erd1MAyb4bzK1CxfHvdzb-XsSlCeVrmRtjK_n5ygYVXkJ6btZpZvfx7nrPKfSHeXe-ZP...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECrZEfIEJu1OBvtQSSLlSjo&google_cver=1&google_push=AYg5qPJPStu0tB7Bo60OITk5Erd1MAyb4bzK1CxfHvdzb-XsSlCeVrmRtjK_n5ygYVXkJ6btZpZvfx7nrPKfSH...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=39d4d751-eb8f-43b2-922c-129062dfa9af
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=39d4d751-eb8f-43b2-922c-129062dfa9af
https://x.bidswitch.net/sync?dsp_id=4&user_id=87708af1-9eaa-4af3-aef5-57be2cc29289&ssp=google&expires=30&user_group=5&bsw_param=39d4d751-eb8f-43b2-922c-129062dfa9af
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJPStu0tB7Bo60OITk5Erd1MAyb4bzK1CxfHvdzb-XsSlCeVrmRtjK_n5ygYVXkJ6btZpZvfx7nrPKfSHeXe-ZPqGXBoso&google_hm=OdTXUeuPQ7KSLBKQYt-prw==

170 B
188 B

17ms
16ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJPStu0tB7Bo60OITk5Erd1MAyb4bzK1CxfHvdzb-XsSlCeVrmRtjK_n5ygYVXkJ6btZpZvfx7nrPKfSHeXe-ZPqGXBoso&google_hm=OdTXUeuPQ7KSLBKQYt-prw==

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJPStu0tB7Bo60OITk5Erd1MAyb4bzK1CxfHvdzb-XsSlCeVrmRtjK_n5ygYVXkJ6btZpZvfx7nrPKfSHeXe-ZPqGXBoso&google_hm=OdTXUeuPQ7KSLBKQYt-prw==
Date: Sun, 31 Oct 2021 10:05:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CA93 0
12 B 15ms
15ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ja7XEQ66osQsOifPX582hiejqWsgT00PxPirrJR_Xvm83hSHmL

Requested by

Host: d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
URL: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A242 42 B
110 B 31ms
30ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5yJdvLfXMhny0keqB9kkBO7k4ffw8A0euOCZ2AgVwqA-fwrUuHNNVnjLQp-pfFSyxx5FVOIaiiFtZKj_NMWLrn0KNaj0MkYI2hdtyRiYm8wUMH646lA&sai=AMfl-YR4l2CVOxVSLa0nY-8v9b7gQshpfLr50TrX3whDbhWJL6SGmgS6jo5U1xYqSTqHhrfYC9eFh60rpgdjv1GSmt-y1Kp4y6pa-_-plnxllwhqG1rDbxtUotrXBPu7gOY&sig=Cg0ArKJSzE9GhNvGNbzUEAE&id=ampim&o=480,981&d=240,400&ss=1600,1200&bs=1600,1200&mcvt=1035&mtos=0,0,1035,1035,1035&tos=0,0,1035,0,0&tfs=129&tls=1164&g=54.750001430511475&h=54.750001430511475&tt=1164&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2592318212

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9E3B 42 B
174 B 36ms
35ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFVVAv_XzOfrhT4zHPL9D-3E0aGiNtH4pRAk4g_YDGdRdsQnhloF8xf4KZNMSZZqDjUyzAVGV9X6ImQnUJGlgp3BYi2jdbqwbz8f6FmJ3sB5S7GmL5&sig=Cg0ArKJSzHDD_6Xi3TAREAE&id=lidar2&mcvt=1030&p=83,300,203,1300&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20211025&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2628208140&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635674737662&rpt=943&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 86ms
86ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=ed5c9e7c3b3f8374&pm=bmp&pxo=fTtpnGacwEWyeMAYdxVq-AwoOB7DcPPpH2NMlhg5-2dmPK3OrHzyr22C9kBjuxn3pdz38IeReZq2HtFNExmK-Nb0fAd8cXuLgT9f0szpQ3N1IOfjWIwSHdQNWeyXiMVfLU76gI-Erz3gZN6hPwa-s_GYNWDyKZegGkSo9wmQcwmoGPYMvK0%3D&p5=gfgly&rand=cavlxje&sj=JYxcWCGtGJiz4MouXSifEUyRW48LnSD4dHvwp8SsmuAumd5__ibw4SpegT6jEw%3D%3D&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjig&rqs=cV75Gu-8-Dxxan5hfsh29bCPwbHovMR5&rtb-si=b&p2=gatj

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:39 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900027.redintelligence.net/ Frame 2DB0 4 KB
2 KB 36ms
12ms Document
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request_content.php?s=89228100059115000710594011764027&a=a66851dc
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=l6x6viz526e4&nw=20&renderingType=javascript&namespace=de6544072e&subid=&uid=1df2f82bf646c917&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCs-dRcmp-YfCjDMnk3wP984voBo_g-IZTpaOLpMoM8C4QASDUn7knYJXikIKgB8gBCakCLoL0L5Flsz6oAwGqBIECT9B4h6mBPYV6r4nRq2pvyINLqbc1p2OAJSDRoJ2ZVTsXs51PcjFTyb5c1XP--0mWcjzMYZISAvVnI0857R0t2DICb25YhG1qBEdM94CPuReMFCdlten8M37IChtKGdhcJIvYS2Wk39CrvpzdXglgYipKYr8H-2LnJfkt1t1Zr4_ArFNnjv1hhe9gMpjmzeCkpvEpThacACizHqWMZoX98u4gDNCDQwwT14fdhzZJ0LQJEW2gkhK4S5mEeuuAlz1TjWmyp5fOr87_0hv66gEx--az-FXe4RXvTdxiDLmzfcrW_q5Wk9wxSZqf3SP0mFZ68v-C-2duK42JuyIM342OgfPABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoA9_WC5zA9LHXLOCdx8DnNtu5yQ%26sig%3DAOD64_32juyBTovY421upmDoQUnoLSG4Ng%26client%3Dca-pub-2861464200338808%26dbm_c%3DAKAmf-CYjBNuPLaMW6V0YH9z31iPYzRvjWrCfJf6nZ1bmS1giKLA5XiTvbOP3WY1FpRqRML19NFM5OdI1eRMl7_tuXdsXfp7mEGf_p1zp2exy-M529vgMl1fNC-dHBmmzRuakTLqUpJZTcOiWXvKZGh-6SaL98t0sA%26cry%3D1%26dbm_d%3DAKAmf-BOWVI69W08Qaxa1UHrplKAiBw8BfMEr2zSv4lIWnUfwzmi1mypUt4a2zG8_FxlzG82npveX8EAup2z_C-qkKXbLIAET2SNj9TmaYNS2RkyOmmiXLDbUI-6j8tJVekcdU2kUv-Nebva3hkUeCQtAPJtxKpBrgUhBVEAwc_Y7wT2fkF1Wp81sPg9bQQdKO-2MeKGOahkdWALdjrQh0aAwQ-UrptZk2NDp2Ezs6d4wQFKh_d-r03G-xOxzo7_yl42he3LIXhIROeoWMN3FcaM1rAmlILjeYlY97d11mNkZzjLOV3_dG7quoWEnlbNKCEZ-4hmdUX3NXKMhmgqKxb2gBXEDVVp58ZCICIdeUUbypzm5zqWstEO6ujXrZsp7qZrARQRL4GChancbC_HGv5nnAAmT3aiAuqjuq4rST0hzyxG4POMGDqBIuJSwDfxUKMfSjnPgMsc%26adurl%3D&documentReferer=https%3A%2F%2Fadaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=https%3A%2F%2Fadaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fytro.news%2Chttps%3A%2F%2Fytro.news&random=167871031572&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 2e83f83fb9c47473e3b61e1fb727105e243ad9532343e65ac6c3ca2521fc7185

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com/

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 31 Oct 2021 10:05:39 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1425
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame BF90 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2bc9909621a1b17e7e81c75541c886aa1ee101408d3188eb2a93547419cde40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 73ms
73ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=1e1cef16e418246e&pm=bmp&pxo=XKupSqAQl0geG0N3j1b1PkLCCwqJ_w677eUZdVjhz_PjJW1UskvF9dvR8BcU4i5qD6gXwmZBeR1HO11dLd_fp5Oyu-IZG0RCr0DQttwFTVj2obyzDfUJoXY4U76uBxv0QmfLaZc8TjB82Gf9jWR7YocBcRYvq96k_knhCh59-k5AKL1Z&p5=gfgma&rand=mlsuoee&sj=gaVY-XsYT45qpHjDfgFNLka0PV3Ij0z3w47_--yEOR5d_XdYbXl1zGGds8XD&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjii&rqs=cdpb7u22bQRxan5hcSVfivMaQQJ565d-&rtb-si=b&p2=gatq

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:39 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 pre.min.js Show response
s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/js/ Frame C80C 665 B
464 B 14ms
14ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/js/pre.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a488b6eec146cd55817197d2524099ba4a7280fddcc9277418a7bb17ecd537a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:44:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 29 Oct 2022 08:00:22 GMT

GET
H2 200 bg.jpg
s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/ Frame C80C 186 KB
186 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61e1b94a3afd61e0596794559b07e18d8fb3a9028ca4de6a765537c5dbb56ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 01:04:35 GMT
x-content-type-options: nosniff
age: 291664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190317
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:44:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 01:04:35 GMT

GET
H2 200 overlay.svg
s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/ Frame C80C 567 B
502 B 14ms
14ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/overlay.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1123f0dbae7dcd9fa76d9b4a3e863bdf057d3a0eff034ec05f864d34732a30b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 11:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600557
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 394
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:44:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Oct 2022 11:16:22 GMT

GET
H2 200 stoerer.svg
s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/ Frame C80C 6 KB
2 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/stoerer.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4e11c581d14b7958662f30f4344ce22eb0175cf1d504c85cdd12e0b012d18fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 11:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600557
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2048
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:44:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Oct 2022 11:16:22 GMT

GET
H2 200 headline.svg
s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/ Frame C80C 18 KB
4 KB 17ms
16ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/headline.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1d343d94fb1488f9516c913d74f06f7c4f592c254333ce3d5e9508179fd0456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211285
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4033
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:44:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 23:24:14 GMT

GET
H2 200 cta.svg
s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/ Frame C80C 6 KB
2 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/cta.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20dc67abd0ba83bdd896645cf1622b4caa1fab80494baed8bbf4d01d2e980ae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 21:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2177
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:44:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Oct 2022 21:33:11 GMT

GET
H2 200 siegel-1.png
s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/ Frame C80C 11 KB
11 KB 15ms
15ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/siegel-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20496d6c3e73bb34805560d37802d8585d0718dca6c8367492f22c454ba4221b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 18:26:15 GMT
x-content-type-options: nosniff
age: 229164
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10893
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:44:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 18:26:15 GMT

GET
H2 200 siegel-2.png
s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/ Frame C80C 8 KB
8 KB 16ms
16ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/siegel-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f779672e098b6e885a6e5ef13d56bd65955c817fd5cea1a96ffb937a361eefe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 05:05:16 GMT
x-content-type-options: nosniff
age: 277223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8188
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:44:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 05:05:16 GMT

GET
H2 200 logo.svg
s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/ Frame C80C 1 KB
598 B 17ms
16ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/images/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60576232472f68d95df1af2c82ccb71bd4a30e26d6ce0202d3df5449d9a1727b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 05:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 531
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:44:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 05:05:16 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 78ms
77ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=84b08ce614c171ad&pm=bmp&pxo=l3AsM4U7Wl5wTsSxryRrRg2dznrV9jpCZRYe-RGIYFDfY4JswBstoIgk_llm0C1m36Dl1WORrvgWDkT5byZp2dQH21ezw0Z1HDMN-QvFVPkTKrxi9Jghf_8rVBo_sZUZ55nQeuxpadq8OSzF8S1pz9fjlA-0R2jYtJAKLZF3BHW-8oMp&p5=gfglz&rand=naajwva&sj=sYptcAKSeU_BUn4ShCyZ7U8YxBmRvEFPdRSrNhsTrn3Z-LyODHTi6XYSAUMg&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjih&rqs=cdpb7u22bQRxan5hPoLhcNDnpgikGR2j&rtb-si=b&p2=gatp

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:39 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js Show response
pagead2.googlesyndication.com/bg/ Frame 731D 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 21:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13394
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 21:11:47 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 71ms
71ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=4b6726b67a406a6c&pm=bmp&pxo=7NkYGyuvp5m9JNBSq8SdyoGeBCgw3H0aKsPl9_2OD_McjUyj8WWIUkR3jSsQzkWRUW8FjgbNWMGndYNd4fNBvh2LJ4Ddqt2p9Zmd_u5jJbFNuP1d92WftT9QcZKXyIJzmxjwO_7-JT8SostU45-39WXW21SLwakoVaj-sOoDB6Qexdk6&p5=gfgme&rand=gmqlqob&sj=C4AdLo3s3HCw6spQmSPGW8cnTExL3T1Qat-4Tf66Ym1PJSInrfuiAIzqCQRi&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjif&rqs=cdpb7u22bQRxan5hLLrtw6-yzFOvu-xm&rtb-si=b&p2=gato

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:39 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 74ms
74ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=f804f2ba03d08cd6&pm=bmp&pxo=GrVJVwnJvuiGKcKwtDemkKRXs-tKCU4d2SJUUfwEF7KpT0RT91_0ZJuRwEmClGJxPIHrlNPFxQBoANnWpUI6AvWQzXMlb65xrZ7qY9RdRsKHk0cWa9aSmv1KZUugT3LzUlSUASvFsg_a_rD4B70-8UKFWaRrXtXHBvEDBN4WHCtEuqai9us%3D&p5=gfgmb&rand=jyqbuym&sj=7LMF3S52TmY-3OveCaGfU5nbPdpj8EVNIXJeCtmCo74nkZQk96NQTF5dSpQU&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjid&rqs=cdpb7u22bQRxan5hbgBbpoZ0vkCj-Oyz&rtb-si=b&p2=gatl

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:39 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 67ms
66ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=414042538d92eb8f&pm=bmp&pxo=Pjy6faHofA85Qk7C7-HeQdC6UqXGu9EMCj3C6WMtugROYA2dufAJMieEfocbtjD_KMxPvMYjNYKFUo2F6sISujZf-HG1_7WtO4rsqQwsI_hfdaBTtEznjQ58hRjym_OwG-L9oCAmBAVchbHIsmPrvRfsr7jurmBDx6UMJmNkoUwyBDnp&p5=gfgmc&rand=nisjaze&sj=ToDTi9LIoBAQwxO53lGOf2BMv442QUX71ZO3sKBHGelURRzeDEG5ybhtG52x&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjic&rqs=cdpb7u22bQRxan5hlMp7RLgwq8qI4TrR&rtb-si=b&p2=gatm

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:39 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 79ms
79ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=6fd017e74a99da45&pm=bmp&pxo=PUHia5JLGCOdqCyslSGfqTMETKbpxGC12ESQxGAcD4bKqFbtBF6WMPXp0evOno0fJrzvnTGnEc5ctQbSLQrXv-chQvxQNgz_7rtCHwi2tY2EvHvyhCkjSbJBOeReJmeKIbXmpjXvumNaGzdGS59sIduVz0SiUgIFqGrx7jmo_xUrqOdO&p5=gfgmd&rand=fgjeclz&sj=3tJ7hUy1NAaMEIIpOAsQWxUZwqaIS-NW5760F4pRXjKPilfrsBhrCIuoa62x&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjie&rqs=cdpb7u22bQRxan5hzBEr809BCDlz_xIm&rtb-si=b&p2=gatn

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:39 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 902B 0
56 B 43ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102701&jk=1534875313073681&bg=!Y2ClYCTNAAbUs_yW1LM7ACkAdvg8WoJ7VpmMPV5KABqP36jO8mIE8t0eRBgnB_CsI9DXRAsIkvrXfgIAAAHdUgAAAHZoAQcKABtFK4GonVnmECSjHbUcrNZHunTJlO4yCLrBh_SZAr8mv6cXHWUPquH6QYwo-NSy90m7bY_SI78NFc4mgMTQ3gIMLCbZ-KhaWZz5KAuu0liqN5fs1I9EsnXL-TdvVhmgQ1FM6GgbPO_qg3ZcaS0NGMsfouuScUvrwKbdY2hxMEVHWjtdvrRE3_zLWRfGD7SUbPzy2Inn3sKw9NUYcKCedqbCJHcrXWu5-4QlvOgYV9YoETcNI3kFIj7TcKV3zolZHg0wcfuyx_GOkNWVAbCsat156iXVSzRo7ehTH63pOx6MxaUPgd30oioMDEKMRcOE4FWPTATTfV2tUxOZf54Gbo05IFs2kCmKB0qZWZhwqseA6aQRADIYGQwN2ZVTd2XSqYtKHC0CARzGfj0b35nWmke72Z8cEZQtDBe9oaFgub_IdLaZD6U6B1wRxS_Wx_iHZSJndUBNaOVUM8flDJJzuFS2IEo-V1pr-UMRP13J1TyRR03xResInz-JmzGFppQn54Azthfs_lBwTiQwAlrSblqvdZ3mp8u9KAKx8KkxFHQW0sgOG6t5ThUvHo6gj2Y02_lA4kGUxXeXLIBD4qhrweErgI6d7apJAahOvNMJ2D4AnhXNot8F0tNcapOPAipvCoTm0ErCNcTN1tb9nmE4NnrwRaQPmzUoGWnzwVoihYl6ifhN4T_ufMkfVD8Hc-30EW3UsoGwHfLO8q7lCDc609vFwbL0tZ2AES3l4FD92AFDNGf4rlX6XO4ZfhXAuO-mZ_tfSSEsSuuuWcyKCV_MzW8atzUoQS-GtEsI2pRIxTbVqy2zLcghikbeZi_3W-BTa_4QqgDgQaVhYpNpf8DFWwsJyAKkC6fZCxrvJHTUIpNfmx_Q0Cth7Clx3VQ5qAYJthO0nGY76gWqUfaU3vt6ZjudpOzjg44hGv1Xh8UBdJVzPhPyF4FNoClS7MhD5DO6coaCQj4uy55hpo6fJGf8

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK office-970x250.jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 2DB0 49 KB
49 KB 36ms
9ms Image
image/jpeg 54.36.108.3
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/office-970x250.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=89228100059115000710594011764027&a=a66851dc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.108.3 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3112796.ip-54-36-108.eu
Software: nginx /
Resource Hash: c2c0438345e8266d1c5bfb3c5d2e6a4969ff4b714300e4e2a40dc2bf8bae4fef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Last-Modified: Thu, 23 Jun 2016 13:50:03 GMT
Server: nginx
ETag: "576be90b-c36d"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 50029

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame 2DB0 0
150 B 37ms
14ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=89228100059115000710594011764027&a=9b24997e&vb=m
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=89228100059115000710594011764027&a=a66851dc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=89228100059115000710594011764027&a=a66851dc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 10:05:39 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 2DB0 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4026 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVFRwcmp-YYHQJpTv7gPX-YjYBAAAAAA4AeAEAg&bg=!8POl87fNAAZzbWp4c207ACkAdvg8WrFsWencA5UOS078k7yNvK_kokl_T_Z5ouFfSnyp_ZPClzqrlAIAAAGdUgAAADpoAQeZA3bTScXHphencZLyCDpjGq9s9M_byYn6LhtucLLuLAplbnJAirkn6Gog0Spri3OCY6BfixVwKgOcUiipLTot9PLZlDJEBhPb6zODsYh9BmmAR7l5TJXqC3kriGQ-WcMGj8Isrq5QLm9wqx8RxqlRR5NnNMyho7VA-jSR1CCIxkcxJ_WU_KK8UdQOSsh9YrfStRh-OAfVJtd5LeXqY10JEAIDZg6W1hL2qLjBzqHL0fM9q5GDXcMCUVEcqcZ3aVDMx0c5rJMOIGIAUVzonByuFTYgSSkW-u5RQqPP3vQ_J2iYzqU3sLB0JkLDTKCY9hTPbKPDw6QykYZUZfrg-SHQV-CZz1yW_QGoG0fOYyKRVlGLdBUEaSkUlV98-NUFWydal04Fk_38oh7MIgzLE2MeFR9E14w0st-jQMeKgYgRLjJ-R3HFXF5V1dBU5vq_egjba8ukh462OP7y50PhyF2Cs-8nIUxdy00VrLWyK2CfcfaKjFaxH_9ER9PoSEjWylRto7QpqhBtqbkySzJZx41U6A-aAPLe93QjPmTzF6M1FogBlP9nrG2SbTNDt-kEQHjPlrfyoEFiMoV3K1c1BC-6KcWvMUmaMeRBGiq1n-g6jDtfeTuFebC1RKp15DmrXLXOp3mpa0L3pCRB0gPWT1biO2nlWnmQchHw1v-9hEifXU2Ui3lUu0Mry_kD3vIOQyj4WR-1F3tsZEwsvmBZt7iOFV3TKC5TVQBZDOEKD5-R6a1eCsS51gGYc5oCZKd4cdLuB_p_C02bFoL_Q19qS2JPbDxuXhaChGdzYSRqH4uLu5mKCMU1E3rGp0_DAsPVIWqk2xp3DdMI5pByPJH2Vigs0V685bxx6wS1wCgJtpZmGHyGYXdUuMzpfW5hKgfAO6pNEQEhvzC09SmNeJfihmOZ0Dqm0eMyT4McLDKlAOYx0GR5BE9FFaYRAdKK7AcqxOb6wVhRlpzGs9io8O-4RTK5IFQlK7DBS1bdqd793U2hm5GaXdcGEhBpCYq4rBGcp0ngNWauJzk84GBk6LPQmHjbkUveOqpWWFBdtkxjtH6FLZKxOBkV_qz0iqj48iG5mItdYOzEKGewEgY_6Yx3n1-3jCzORExS-nNlqJrtU-Vqqfd66oberyoO0vETeZhzUD2bMWZ0h52EXxCAl8kc3s_VLAVI7OBAWgGg

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D86 0
56 B 44ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102701&jk=2697723148494942&bg=!3d6l3prNAAbUs_yW1LM7ACkAdvg8WtmhfI37srWFHxEWoKuOyYj0U6oG10pYdigJH-zk4hs2E8hpRQIAAAIBUgAAADloAQcKAGZH4k8jLqqNVBk8CcqBhRDKTBtAR9n8DFOr5mApBiwtvp_6bRAUX4GziIAjgt_Bxk-KKKUdlNNpblH51n5DFEU_83o1PKmwzlkUBLR7bC0SwWZUF71HTUuvwzn1ODl5a4boGLry-M6ZAtCZLFfXgdvTCWa1gbOW0KAS-Csmr74noPl_FZtqD6qMJ3suCiaaPZNS3hwqJY8QjyIrqatEVoPxM8uxWQUqnhktJ-7pALDB6Y6ktyV25GD3g1LaZIf2Skg65E4Jbi5Om0CUlce9K4G5wVBTOvxGHGIyoqeKdTdES31Hbkh53YfyX2nePAo6qoOpbmEjAtQy2dcS10-KY6yvN82v89YZtEHZQTaubXPKNQaFercjih5usOauIgQq8tnyHrG0aUlXOg6mTKywtlGczzvaOf4oXEueyzSlQK_1dvtqPGU4ZsfPmzHSmjMgAArEcCZHxUVQjKVxxkoN73AataRjJPJeCVZv-GSpvPRMl_IOY46R60kcCF9xwRT0UNb-6wJ9K6LQDS_daPR4JFqn0GkxBh1iSz8hvWhWEvL-QbZmX9aTKg8Yy-KAx8hw3SsnpZ6iyFYry3ranKxZXFXNk-POj65DIBYi89ErObMLo2e42703uOqhCSvc3-gNj7VjeVD_7O5uJRNWExctAwCxUT39K9H1GF69cPgndAp-EOU4_Z8hblLFPfH48uQo4p9CSMZF3b0mZyNIJot1zLoXFcM3pn_MWA2vMqUqmutRkWb_7PRimLA4uzcRLSMbKAacoiizJF-Zr2eScsy1mzMjsMS4tAApIK037J6GcWVwU8Ow2_BMByOka_nTtOs_jmNGCDuKa9PiyUBIAiFHVhDzODvuRqPgM9MDOrKejb1g4nsPh35D4kYFxyGOTS_pzDvwEuhvhBfWIn05wA_RMV5AKavUctRZO5SHTMSNaJjUqtSgm6WAXAY57vhWeYnLQqW4aChXBuG8TLvFzeFAaoqP2kuu4CDUtVf9vGqG_8DJ7X5jaE6FS9L0PG8RMXMA5uJr_ZpS3eM_oMZG2MU_CCzbBILpnC_XkdYqwCR062v2czXBwsSBnXn2kug97AFK2upXkALvHqiwZ1s

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FAD7 0
56 B 43ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2ER5cmp-YaToKIuJx_AP3-206AsAAAAAOAHgBAI&bg=!Y2ClYCTNAAZzbWp4c207ACkAdvg8WqQwmEwWYwzTTtfP2WomldeuexuNC3mvZOd8sv8TzsfAjSdmogIAAAHQUgAAAExoAQcKADAUWSph-mn3xyRSdsqjvomGUuf8fMCxqnL1D1th23GEV6X6I3qo0VdXZvA6ImGx5K2ZAzQQXXZdTpQ6Rvwkzj0KuTbDQ9W2jkqpUNecVJgKN4SzpqWq24leh_GOzH4b-nsNiGk2880LV5EFYHIjwDhLvnax9-Xy3KJSDy_u_FBICpAbSiZdfi3WSo2b2pVMT5vWaGUyAZm_w2awXtLMyWQN2_dEoueWWISq__wkr11QHdPrJJtqtsicx6ue04cZqkUceU5TDHIJOEx2OSS3zh8dIlI8KGKiJmu33_WyJgnD44BQkZ7layADohSlzap3Usm4aUCWkhqtO5wExeP47Bb8Bhzt-TQZnI0OWBYXV_o2mRYV-azzszX_QXp13Rfu_krMpiSrRGHMP2Sia89hSUSwHXVzJVSL6hXogXFKOjf4NWC-_3wPJy9L8242vfWZfDc8aG4AgGFDKipRxQxmf-CVodXTTbXckeqz8W3Jiun30o4kr3b1JFD6Qo_hp2zu_Fd4OnP71EeBZrIEUOEVnI32LCK1Ag3oG_kjrV9Q_yj3WlsS0m6uT0R6oDvNmdnLX16SlwAtbrL5Qpza88seCNOpNTYCwtjW8dWf7u3m5R9MCndliXZ293jkDjp52zU8JERezoXl7r6Bj-znKJJMknutl_Ep0uUMygw59C_OphlV2J6rL0XLME6962ky68VU32HB-ce3wYy_ByxP-dY8qWx99XaVTelvFHXb5fZ2ib9LdmavIWSSGwhiXgrqDVcaMpGKk-bp-jWiLMpywTaHz5NOUlvFQ_jMXdB2tY2LjikTqF9_wAAiitsjRC1TLrqUbQq_MG_M7IOsHDmQVCDx7aUPUlCSVR5WPheHdAW8Eeu__QTUAGA1jproBjAyTeugtjvShgGW4NbFbyxSlNGX2uMosYIHUlFKWYJo3dwNXmL1Byjzj6ifr3xssZ688MsbDuW3om2VROr208C-RHu3W_U8MaKeu5ChQuNMwU3aFnOX8YZ5-tukQuHy-yOZtUQDgjUndHghWKlQooxsjbde0rEPn7nscsDpHD11wNc1G091hdFLffQfCGXaQVgDtbpQwSF4HcxxFmUyVkDRnb8zj21KfcE3gSoxeZVKfLLhrSPmYBDJgTccb1tH1ad24DKXFx2s3o8FKZMr

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.css
s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/css/ Frame C80C 4 KB
2 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/css/main.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/js/pre.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a12ed550b1de19a97ee625f2c15b1dc262bdb890f0e1b66464bdedbfc90b0f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 21:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1482
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:44:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Oct 2022 21:33:11 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C80C 60 KB
24 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/js/pre.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 10:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 31 Oct 2021 10:05:40 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 14D5 0
23 B 63ms
45ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrzFCBP4kd6sDiNk8eqyoe6APWWopn0SWFVtHD8oKIxhIr1mKvCZSoGyR40qjIVkfNFAoOXXlKrWO39hym8qtgKL9rZNFQJV7844mDxcxAL_yGdV9kYWp4g_iGFi0-FBpYkhtxjzBqYK6IxT7X6ts1oMuXxGAu43lq7EdZwrQIgjajuF88YWhQBksIdidyQVyarjuQxcCgFDKrCw-gHBKhQ50NLwjUZDmOkpZ6IYTXm8UYcSKgk7ooS-Cq_BxWifeaf_FhsF8Qt0hI8ab2v3DOvx0gF4RY7J3r_moZZWWapihkw1JGuUpASVkUCN0qiWg8PMjdGso5OTk9R-YKc6TRJskSj7n93qnDXcx-AKPWVZLNSQpb-86W7x8Ql9Lk0CPMiFZFhd12CBsc4OFKt2w5-Y74J7BNMRR38V2x1N6Rf6OU1NQ2X0JrvP3xTXwpRyXYkuI4AxygXW_Pt543Dqi56CdeUW27VYugB3u8u6Ru_KL0KJUGaubuixhY5jRXvAdZZuyX45W2lgoZsNJfGFqcdtRI3ZZS0XnkGHB832wmvUogSvjv7ZE4Ue2DnRgVBQO0v02N4b8DJn974egphJvnz2EAcBYXRMT8kxZLDIA9GK2-ReyIz2Q-Gm8XWcj8m_fVHws7rt1jZajQoTJTpzanQRY8PWoeRPzZMn0tJBKeVqJ75QvUqvu1oSxNEpiBHVtN3dD88MYSGVtEyvUVYXvGqB-R0X87HMd3EgOjKvLDK-P1PHwvR5i5R2rHxXkgeLxRZeCVUV0dy9I8JFeKiJDdnASoxnV3nuv8mULf58Zduh8tyCPkL43eETk_4Dnl2Qu8kz0iysVjIoHL8RXfwSIvjdG6b3rjzJHZmsgsZSvy4OAwlCVlwwGj5a-LtiFkAWUzSarGgdxZxC2iwp5UFzzj3_hKfR0jSi50vARCwZlL0vHAOhDsWA5xuGrmVDOKTNeO--LTF8fjWxH3NJ2Ek_UzcsAiwRRGGmQ2WvtFSaUZypLCcUVjWMSEPi5gPTJJGvVXPcgdxAjwctohxsg6k-qxznhkBecxzGl_jbirT1xgu3SoiWWN1NCDMdFP1TZPFGmJHYP18RiIzMwa7deW7w8eTKYeF2lCPql7dqLXLeAvERDFEcnfuM9fuKCPRqZCiKW6R68jkEY0okylf7oL1QHYMp68ml3ZmtPjULsJQZLB5JrXm5deQJCig_teQLknJtw4Vb3PgCWmUVjPegSNlav-eTxU5RPjny9pb0isHWIkd8fhqjg5E8Z1diwXq41uZEnSLvV5f4xi74KWBLBZkLvC7AHQ&sai=AMfl-YTENxjYm61_cDoAQrh8YDtUpnADXRqbCtkQagR4KGQb1-eJJSFbmCKUo7v9dHQ2ef6w1VM9Hffd59ey8UlomXo5sUj8S9z1NvFBJhEhT6wDryv0_Dzb82t_RuR6kIf-mghhaNT_klDuvLfOFLorIYb2mi_YwU9ZnCkae_Y1GKbb2M9oPoOlmtBndjZwXdejJXjNfc7WZQyhVXtLuoofQKs7BQW8j5vTEwqowlqOiOzxMxp-gAreV0wWiHXU-hykp6AibwHwREuQenKW7iVzmV3keTOPa8vkO-Vebs4r7nAH4XkQUgwW6unm34p_Vyg4&sig=Cg0ArKJSzDonoReYVHeJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=872&vt=11&dtpt=693&dett=3&cstd=177&cisv=r20211027.66342&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 31 Oct 2021 10:05:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 14D5 0
56 B 40ms
40ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.289,e2e.1278,fs.274,reqs.275,ress.289,rese.289&srt=15&e=&id=csi_pagead&gqid=&qqid=CPb1lZ6z9PMCFdL1dwod3tYIkw&rt=lb.391,ol.989

Requested by

Host: ytro.news
URL: https://ytro.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
910 B 56ms
56ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3195882;u=https%3A//ytro.news/;st=1635674737299;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=6ad5d18e20082d0d;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1635674736414/////157/158/158/158/248/163/249/420/422/424/885/885/926/3651/3651/;ni=9.4//4g/0/0/;detect=0;lvid=1635674737398%3A1635674740066%3A3%3Ad3edcdd251d914232074ca1405519be5;opts=dl;visible=true;_=0.2886644549163746;e=RT/load;et=1635674740065

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 31 Oct 2021 10:05:40 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://ytro.news
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ytro.news
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://ytro.news
access-control-allow-headers: *

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
911 B 56ms
56ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2731601;u=https%3A//ytro.news/;st=1635674737299;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=6ad5d18e20082d0d;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1635674736414/////157/158/158/158/248/163/249/420/422/424/885/885/926/3651/3651/;ni=9.4//4g/0/0/;detect=0;lvid=1635674737398%3A1635674740067%3A4%3Ad3edcdd251d914232074ca1405519be5;opts=sec%2Cdl;visible=true;_=0.5003092758758354;e=RT/load;et=1635674740065

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 31 Oct 2021 10:05:40 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://ytro.news
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ytro.news
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://ytro.news
access-control-allow-headers: *

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 60ms
60ms XHR
text/plain 46.161.36.23
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sun, 31 Oct 2021 10:05:40 GMT
Server: nginx
Connection: keep-alive

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 15ms
15ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=222498&sid=227&wh=1600x1200&rnd=47373400056&lid=0&tid=0&ttfb_green=420.500&ttfb_green_cnt=1
Requested by: Host: ytro.news
URL: https://ytro.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ytro.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Oct 2021 10:05:40 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

GET
H2 200 main.js Show response
s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/js/ Frame C80C 5 KB
2 KB 15ms
14ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/js/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/assets/js/pre.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2db6772a868844581905760ba68a6914605d24819de66255a6e68c818c4cc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2516891332097772497/04_Think_Phase_HAPA_Banner_Einfach/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 02:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1761
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:44:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 29 Oct 2022 02:47:14 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 77EF 0
56 B 44ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5hprcmp-YfeCMI7U7_UPm4SkoAIAAAAAOAHgBAI&bg=!oqGloeXNAAZzbWp4c207ACkAdvg8Wm8kX7Q2SCv7Nm6EKYpAJzuWDEqMsPp5Ae5OUegPWfQoJd6cCgIAAAHTUgAAAD9oAQeZA2VEDFaooGkBXzPdRDTivQu-nK0eY26R713BfrtUfD_fKX-tRU_wuO2g05Kndj06kZX8QsMxH_1ghGadzUAZtTP4KMFvhLqLgMiyh8q7dh983ktEXG7RcFF6bGzfQCgZPV37MX3uuGGXxjotlDo2IUL-G0JAGF_l8lVbKzorSm_Nn_Veh36SYj9YwJyc_fmY3Zfm6xC0FSIF1_-y4hgU_RUF_MpY2ORAVz0qNA2VgBEVNZWjwXymJIOuDStpebiqN_XBfXCfBkcKLxljNCSO-YJ92Wrmk5pjUTUUtqR46sFLtDko8A0KzfJzyVIgek_3z8y-IJhu2TIKme03GVK4NjeB0FKGg6J1hCzMUpyRLipxvSMMAhodykOZiRNHFKr0mu7CFUIT1_Hd3jC_17_J6D2P_jjZCL05N14G0nJ6IRzwRYAwtbbBHJAOUwz3xubMJ7b54-zFgSIShmxD4yK0hRSLfWpppf0nJO0E_SXHjAh1WRCFrGE_YmTLW27fxmeofNxbLgsoDtL4OcLl2OAw5O6b25SkLJMGTJRvs2GeraAtf6q77XNilZa1qcg1ogtredzPjCbsTf-BRP6sJplZEkfjmFN--e9t_NLBOO6gxoXjHhho2WXF232iti_Fs-r5WZA2766b3Z-qKIvRvgQqnm43jwDib3NnhDvHy2xQCdEh1Zzso2Ub35gGwq87rA5TRKMt5YgY9xCq4AASMmzGtU32BRZZC69nbSFKG8E_DoiG06jMRhTR9RmvJr0KmfliEiX3UtrHKLef35vZsJIPwqIUmRPzKRbtjXIxKsfShCI6A--kxiD4EMN-SnmsnCHD0GidqmLvy9zICZDgdeyzkVhJdQ7UQR_7CUWcMBhyvyyHjmZgHVaBzfP7LE6HEWk9lBPd5fv2nOr2Rq3sphyAsHU6ZEC9DuJ8utVfKO40vQqAG68_ud6ULRwxcof7Dc-w-S24KJYsSvGrShiOKAVXZCw3h6vcpBJiT1SqA4Cr7AgDc38zvpV4WUHUA-wyENOiao1EoYo25ZsZw7w2mHKIMYKdJkUBxAOwMNeysV5bnUxOGzvgl7rgU01nDpqnNCyVM9Z5DixL5AElZjxjlFv6qom_OLlWEhjy54wlzGGZqRYMZ3S3dRu5TC7-8EgRYLyQYIQy6yYlKg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A69 0
56 B 43ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102701&jk=3461071576580863&bg=!ammlaS3NAAbUs_yW1LM7ACkAdvg8WumoDFEImmc5mNt9VPFzLe67bctfXHt7fG4aNLaJWhJahJriYAIAAAGzUgAAADNoAQeZAqRQJ8ddzqCQ8I50jJjBV5OtNU0N5Es61EHcUyLZj4lqJ3wZhdogQJXZua97LG9-Y020-2F6tDC09-nu6vGUPXEA7qNqcxiLC8YClAnNjAVp4rtGam_h9uG-3-ONoWa--BWrr-Qgz6Mo27jCpEmJtdDwFibx4dXbYV4hU-ix-jnnItHMAX8Ix7Rjm7Dq_k3nRdEahGWL3BCRBZfTMwcOhgWuGdOo_-sWGZc8Qgcxq8G1U_y5IejsFF7rgn8X7VtOTHBTzo5uKp8xpPkiUvK9DsaQRy6X5A9IZrPDpYILEzbzZlS6uHCqRrsrTn4orJUQp1yRSLXLW9B6hBrDsC7k_xbL8i0fcsFppnUeQ98p9xjHOW1oXGYv9-tBzwmPvjpoqBnxQ7IwIYxFDuX7MQ8BaoelOnfRG3tspI671-kO-LDkO_PSVLaJDDBEw8PrQuiT99lznu1yGKmnMy_tJ-hJG7epUOrHUgnEUY-TLoJfQHdK2XFNZhnNHYu0wFshAqfWBNKIGTHleLbhr6CWPhmBbvmsPXH9ZY4Qsc3JlOTCyH-kISQ4ejQoTylxFGGrHrKR0zavlX914NN4lIrCfGlsQ1XBCdA7qyOqbem-PBiAYdHbBguVOaRLIA8xwzDv_vUqx9ckobmQ8C3QdFgZm3shKKKpKPFGezYTvUUFF36u8KzjKe2hApC_38-eNACPJ0aRpLY89YY-1SBAhff9Y3a3DfN2W681OCNVi129psjKTOtxEN0VcK5tk6xXGeTvPQglgEUyVOV_bEMO8mb2paWkljbrt99WdWGeyHOmLyVEEk-NN2l441jfIXzpbss6gb_m_hcDYiQK76-ZmS4_9myk9NxtbQmIynFeKQNMEDUFYVVfkaLa5B1DORHq_0KPLUAho-2NQD93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DEFE 0
56 B 44ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7TzHc2p-YavdAeKwlQf9i6GIDQAAAAA4AeAEAg&bg=!mpmlmd3NAAZzbWp4c207ACkAdvg8WqXByLEXGe8FccKWqVlfDfEu8RYSVxFXE0ZB_YEfcnSHDT7InwIAAAFyUgAAABxoAQeZA2oz_RVnf5aXRE8ES6p0VzZGKLYCRTsb0w7tpSVCt3f7tUyzuT8gIoRevu4bQNGf6YRv_hJGFvuESzdzq1a3MHDf6LrYhuK1-a-r3EIJk32tNnx7ezrS8Gjt2rIndcePqbO8dw8Xp4EfTA6aacJuz2mq73EFnJQEzrWMmcZMMA207fdg-88bkN1gGvr-vWgpCHj9E3jpB3S-OJeBKg2Fzj2GebgBEyVrN-sVKSDIqzMW7hVmYlsMt2gAjxCc3BCtRs_N6SiaSPisQsRKaXCip4YPjo7p_HqFafYb0BTylzOy5BL1ymtdmR0mqNdC9Px7yp_fo7IhuK5DDbk8Mbx-vBPaTlkIj-3h7Vqviubi_4YoPLzoeT5-Q94vhMnvh2KcdpK5dn6uNiMb8O1-8bvfYRC058mUaS8KprqnWPjchYlkjZfTYLORyLQprFIHVDCeAsleSfw91m2EfsnHGZItovi7wHNp3y1XKUIsyjAJc2Sxjf89lUFBega_OyqMCq03SvMePD9p4WqRqw559FBR5zpRSVgu4euK1M99kBzOkRXP1DMAuk801HelncD7bdQuR2wSaZ1viqHXO6frPBWysTHW0cGGeS7M9EHbBR5iqVGZpP59CMU2paNM1qc1hfg1WCAtuYUylm0NHyf_MRzzI9OjXoUVmAb5u1QEBtJfo_h4gVBxjJQZuCgDjgZzMCqeptzNzwxIuX_E6yuBO13eVyWZmh7s2X4BH54cOgAHFiAZN7ZwokGTILVLW-3_IeE6srLuWNJpm9iCqDi-krDIL0INq0o7lagQpB4FtwlJpznYYW7feoeP-vxR4Qv3vi_ZAq0tENjHWZwir7WVQQxZaO1DXn4Q3d4wS8SS7Mznf2szHOsvBBZoQA2Hf7FQB6prY_p33eqf9yGjuAp0-anPKSKd7zFtwynH7AKJ8mvO7MfZmBRBeFGaO3SUtU2uAWw6eZpY-BXdkshtK__DWo9_p-JKolIHRIq_iQ2jNsC7Uc6JkiQmSgQ4MRitK5nWbCoPG_IyYl3d4z4c3uY4dyXf4V7SbmeJJxNrzIf6wD1fZMSlUvMt8xppb4gZOmhwL6_il9LIfxf1MYDbe9lkjth2v5vi8j4WpZ24svX5qwakgCWiMn69CGieygfUO1Ra7pz3TVuug2NLNUaahnx_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4984 0
56 B 43ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102501&jk=3012842546461920&bg=!w8ClwITNAAbUs_yW1LM7ACkAdvg8WiAVYhWYP-l6mhmS2WaLu34Q32FvEBBh4cVFm3JQWqGDL5wh1gIAAAGIUgAAABloAQcKAC4wbWJ38y4AzYqvqfBn7Sw0WfaCsO7Uh-O8-n7mhu9mt5E3UzMBM8p4BkmS2Oe-mQLM2xHiMdtDxCLFCtWTSeqeBAX1Pv8DT4kIqKRxaNFCUSbXOjMxCRsI3TsK5Xzd_R39QHqpYY81vurFR8d2FpDHZSIg1UD6AYNF_fpCI-oO418pyZ540ijgKX4uO7Xdi7REspztrLEPVALZS0t6u94SarbMhDonaigl8yxoqx7duvU0COEFAbaCEUAg0u2oblzMb371KqHafLhGch4MyFg9h_iCWXVaSJi6St09Y9uZ2QpLXse-uSey460lB_GbDYcIp0k5-WuwPRuJwGU7S1QLAoQ1FwbtABEyp4tv7PfNuZHTdBBKel3kCvyFgPHDtsmkb1msLdhjbDWDNNkyVLDYWi1Kh3_h77dqXp_37bsMVZT7q8p70N7oXb-Wj-EoY2-mEVUocp_cLQ_2oayMLLriJbnh7civ8JUrlGs2Gr8lq9JpTayHHSwhy2MsXcKJ5IDWVnyGDLv-FLITopoZWZRY8fYxqYPQ8MCiWcQ6CdzuJahGT2rEvkUSn7AeN5k4-ZJ6bc0vRPpWxQVFPd-Q8UCTkiis3i3FNjDQL_Ta38ceM1ykNagelGbya-jNlNWjGMJh0zh8eKABaK9GE0_Rxu9B9LG8qevyKF9pPkbn7XRQ5jcTH4MT0BvgRGLOlCyq9R72gHjY6GfXceVy7SLoC2EnH1Lq8FunFKb3BS5dFLg_EGS0c1wBZ1zrVzQ5m4jYLOMXen4t6UmEkyAjG3Jnrd1wSp1KQGLPPKQkRj2whRPyJ3gC-cMMtmLwkVcxp3Q-NI2FO1ujZe0wwz77Jv3WIkxcnkQbSKaus-WxQgt3hwHP9oWThhKXxC42y61WiluUkp-6I4pYUsp4hjDZz93WMx_Lb3zBjveo6lLgpy-c82nlXE6eX21Z5xB-6EUQhByadCbjx27M-7T3HyI2wKPHU__iPnB32PTqVlFaQp-wte1TiSUwWrSZTMlnTKhz5kY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 731D 0
56 B 44ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2ugicmp-Yfb0LdLr3wPeraOYCQAAAAA4AeAEAg&bg=!HxylHFjNAAZzbWp4c207ACkAdvg8WrT44YKAJwHAJff-KEvHyoA-BAxtgbPA80acvUmdhOe1nXsZlgIAAAEOUgAAAAtoAQcKADro0rOr4fRRxBWO6AApSqSZBRqJlzAIcuub1JNMqcJBPUx0nLVAR17JOd3X1k-X3hgQHV3-t6LnGNK_mQMUdYqDw2XFAEvBc3_POwLQJwUNwjKyFLjOX-DTKWDZYMCIQ9y_q3uFRQQYDNz6j7XhRN8iRiRqIOt3xe7rn6cENCCBQ4Woz_4aa90cvT6kGRNVWx3y0PMO4zNOOsbc2Jz4z3vEDVmcIMfz-HPEZd7fRHvxW9dKp_hhvLaYI1KvJmr5NPDbL8TMB-p0tb_I0pBX7YuEuO97JdF54HRWqD45Oec98k5Gp6QiqsAmXHnVEy432ccgrUCWY_TG7GujyiXyrnxZLJPiHV6km8eiwBn3fKCeBPWXY3cWKaF11tg5st5hIBTkTVKnXLjAEPCEfRMNr-BTfOfEepPVKylFETR0goiARO4aG9GIR_YdMTYV--ySZWUkMQJ5qrU_NFLeRdeP0MwXVaML3ezJFlbhwXhIg7WtIQTcei31rMN4vqxraSb2hD1L3r8jSGWcaBDXTWgRwy3wc-POvco3Ikneha8KMImI9AGOMHBxjAe5AP84fDi_VZ0EvBbRKbKPxzf-eJ_eCOXT-O-TvoYqoV9TX5kfhXJYudTHgkzVMEDoshIhLDf-OY9DOGIBYGyNzyIK4zQ1NEIz2kYQvn6sZNJ90_j-IxYhuSo1Zc1mQGTu4VNlbBPBstUOH9wX7bms1Eurf08aj0-I3XDyr1CGpEjgBMNhieLQYD1JUFhlsR6l0BRoO2TYaGZlbgFYeDZ40LCmgztGGzMK4jvATjICl1TXlObQfnkeqPDCnyL5GK_wahpHutRcsAC7Qx8Qg-TNo5AlZkee3kZK9uqtQlZf6QIy_EPJVb1thEUYkszWbEz32Ir69jxe4OYl8Ezl19JXui4iXufbxM_0xJOnrrgcj1YAUFB1AvlOiG2Lno_VRlwtBp4I6sv4e6MAQcww8ypzesgKQxmIm-9HbUXS_Kcyt-ig-5OSRAwFF3T9Z7__Snn1Ax7zVvW-m1e594EnDVKppRQZZTQY24YTUYPFVHkR68cTF1aDbPyYwIYRQO8IcQszCVUtXtNBi0mVj1xfJTT41jzpUVWqWe0gA4OoiM7wO1f1D6u578wdsnY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
66 B 77ms
76ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=87b1c15f7eb2d3b7&pm=bmn&pxo=GrVJVwnJvuiGKcKwtDemkKRXs-tKCU4d2SJUUfwEF7KpT0RT91_0ZJuRwEmClGJxPIHrlNPFxQBoANnWpUI6AvWQzXMlb65xrZ7qY9RdRsKHk0cWa9aSmv1KZUugT3LzUlSUASvFsg_a_rD4B70-8UKFWaRrXtXHBvEDBN4WHCtEuqai9us%3D&p5=gfgmb&rand=htkthea&sj=7LMF3S52TmY-3OveCaGfU5nbPdpj8EVNIXJeCtmCo74nkZQk96NQTF5dSpQU&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjid&rqs=cdpb7u22bQRxan5hbgBbpoZ0vkCj-Oyz&rtb-si=b&p2=gatl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:40 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
66 B 74ms
74ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=317ab0966d1ee2fd&pm=bmq&pxo=fTtpnGacwEWyeMAYdxVq-AwoOB7DcPPpH2NMlhg5-2dmPK3OrHzyr22C9kBjuxn3pdz38IeReZq2HtFNExmK-Nb0fAd8cXuLgT9f0szpQ3N1IOfjWIwSHdQNWeyXiMVfLU76gI-Erz3gZN6hPwa-s_GYNWDyKZegGkSo9wmQcwmoGPYMvK0%3D&p5=gfgly&rand=kfvntes&sj=JYxcWCGtGJiz4MouXSifEUyRW48LnSD4dHvwp8SsmuAumd5__ibw4SpegT6jEw%3D%3D&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjig&rqs=cV75Gu-8-Dxxan5hfsh29bCPwbHovMR5&rtb-si=b&p2=gatj

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:42 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 77ms
77ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=83975c8b0dc239e8&pm=bmq&pxo=XKupSqAQl0geG0N3j1b1PkLCCwqJ_w677eUZdVjhz_PjJW1UskvF9dvR8BcU4i5qD6gXwmZBeR1HO11dLd_fp5Oyu-IZG0RCr0DQttwFTVj2obyzDfUJoXY4U76uBxv0QmfLaZc8TjB82Gf9jWR7YocBcRYvq96k_knhCh59-k5AKL1Z&p5=gfgma&rand=fxcgpel&sj=gaVY-XsYT45qpHjDfgFNLka0PV3Ij0z3w47_--yEOR5d_XdYbXl1zGGds8XD&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjii&rqs=cdpb7u22bQRxan5hcSVfivMaQQJ565d-&rtb-si=b&p2=gatq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:42 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 80ms
79ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=311b4a32bd0b47ee&pm=bmq&pxo=l3AsM4U7Wl5wTsSxryRrRg2dznrV9jpCZRYe-RGIYFDfY4JswBstoIgk_llm0C1m36Dl1WORrvgWDkT5byZp2dQH21ezw0Z1HDMN-QvFVPkTKrxi9Jghf_8rVBo_sZUZ55nQeuxpadq8OSzF8S1pz9fjlA-0R2jYtJAKLZF3BHW-8oMp&p5=gfglz&rand=cqpdrab&sj=sYptcAKSeU_BUn4ShCyZ7U8YxBmRvEFPdRSrNhsTrn3Z-LyODHTi6XYSAUMg&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjih&rqs=cdpb7u22bQRxan5hPoLhcNDnpgikGR2j&rtb-si=b&p2=gatp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:42 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 76ms
76ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=207ccafbf6162d52&pm=bmq&pxo=7NkYGyuvp5m9JNBSq8SdyoGeBCgw3H0aKsPl9_2OD_McjUyj8WWIUkR3jSsQzkWRUW8FjgbNWMGndYNd4fNBvh2LJ4Ddqt2p9Zmd_u5jJbFNuP1d92WftT9QcZKXyIJzmxjwO_7-JT8SostU45-39WXW21SLwakoVaj-sOoDB6Qexdk6&p5=gfgme&rand=heoloud&sj=C4AdLo3s3HCw6spQmSPGW8cnTExL3T1Qat-4Tf66Ym1PJSInrfuiAIzqCQRi&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjif&rqs=cdpb7u22bQRxan5hLLrtw6-yzFOvu-xm&rtb-si=b&p2=gato

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:42 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 74ms
73ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=59dc6192e9b453e8&pm=bmq&pxo=GrVJVwnJvuiGKcKwtDemkKRXs-tKCU4d2SJUUfwEF7KpT0RT91_0ZJuRwEmClGJxPIHrlNPFxQBoANnWpUI6AvWQzXMlb65xrZ7qY9RdRsKHk0cWa9aSmv1KZUugT3LzUlSUASvFsg_a_rD4B70-8UKFWaRrXtXHBvEDBN4WHCtEuqai9us%3D&p5=gfgmb&rand=iuulbzi&sj=7LMF3S52TmY-3OveCaGfU5nbPdpj8EVNIXJeCtmCo74nkZQk96NQTF5dSpQU&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjid&rqs=cdpb7u22bQRxan5hbgBbpoZ0vkCj-Oyz&rtb-si=b&p2=gatl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:42 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 77ms
77ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=063c163c953cc125&pm=bmq&pxo=Pjy6faHofA85Qk7C7-HeQdC6UqXGu9EMCj3C6WMtugROYA2dufAJMieEfocbtjD_KMxPvMYjNYKFUo2F6sISujZf-HG1_7WtO4rsqQwsI_hfdaBTtEznjQ58hRjym_OwG-L9oCAmBAVchbHIsmPrvRfsr7jurmBDx6UMJmNkoUwyBDnp&p5=gfgmc&rand=hkdsywg&sj=ToDTi9LIoBAQwxO53lGOf2BMv442QUX71ZO3sKBHGelURRzeDEG5ybhtG52x&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjic&rqs=cdpb7u22bQRxan5hlMp7RLgwq8qI4TrR&rtb-si=b&p2=gatm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:42 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 67ms
66ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=0e413de8baf5ea13&pm=bmq&pxo=PUHia5JLGCOdqCyslSGfqTMETKbpxGC12ESQxGAcD4bKqFbtBF6WMPXp0evOno0fJrzvnTGnEc5ctQbSLQrXv-chQvxQNgz_7rtCHwi2tY2EvHvyhCkjSbJBOeReJmeKIbXmpjXvumNaGzdGS59sIduVz0SiUgIFqGrx7jmo_xUrqOdO&p5=gfgmd&rand=joubvls&sj=3tJ7hUy1NAaMEIIpOAsQWxUZwqaIS-NW5760F4pRXjKPilfrsBhrCIuoa62x&ad-session-id=5608221635674737200&lts=fhrizev&ytt=479387069843477&ybv=0.46952&ylv=0.46952&dl=https%3A%2F%2Fytro.news%2F&pr=biqompj&p1=cbjie&rqs=cdpb7u22bQRxan5hzBEr809BCDlz_xIm&rtb-si=b&p2=gatn

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 10:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 10:05:42 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H/1.1 204
No Content a
ingestion.contentinsights.com/ 0
88 B 31ms
30ms Image
text/plain 34.252.144.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ingestion.contentinsights.com/a?d=https%3A%2F%2Fytro.news%2F&f=1401&b=&u=1635674737363.807533475.7257824&ul=1635674737365.810692225.5162628&at=5&ar=5&ts=1635674742&seq=1&x=0.551130956107831&err=1&ver=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.144.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-144-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ytro.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 31 Oct 2021 10:05:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

85 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yandex.ru/	1970-01-20 15:52:26	Name: i Value: bw7TaxxaXtUizhNxkllcv3t1wHohqYMMG2n1FT35xI/82txCmwhPOs0g0mWkNULPqLUdwAHK23+imtwnOTjYKVOFIdc=
.ytro.news/	1970-01-20 15:52:26	Name: _ga_FB1GYCCPFP Value: GS1.1.1635674737.1.0.1635674737.0
.otm-r.com/	1970-01-20 07:06:50	Name: mpid Value: NjE3ZTZhNzEwNjUwM2NhNQ==
.ytro.news/	1970-01-20 15:52:26	Name: _ga Value: GA1.2.301309105.1635674737
.ytro.news/	1970-01-19 22:22:41	Name: _gid Value: GA1.2.552953095.1635674737
.ytro.news/	1970-01-19 22:21:14	Name: _gat_clickioTracker Value: 1
.rambler.ru/	1970-01-25 20:05:16	Name: ruid Value: 1CIAAHFqfmH7pmQkAe12cAB=
.ytro.news/	1970-01-20 07:06:50	Name: top100_id Value: t1.-1.1999280910.1635674737292
.ytro.news/	1970-01-20 22:21:14	Name: last_visit Value: 1635674737297::1635674737297
.ytro.news/	1970-01-20 07:06:50	Name: t1_sid_-1 Value: s1.613565743.1635674737294.1635674737298.1.1.1
.betweendigital.com/	1970-01-20 07:06:50	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 07:06:50	Name: tuuid Value: 3e41efbf-ba1e-5130-9ecc-0135ffb26b44
.betweendigital.com/	1970-01-20 07:06:50	Name: ut Value: YX5qcQAFLDhGGZQnCD-XGXbhSh3Gk-tSiCidtA==
.betweendigital.com/	1970-01-20 07:06:50	Name: ss Value: 1
.betweendigital.com/	1970-01-20 07:06:50	Name: unm Value: 1
ytro.news/	1970-01-19 22:21:16	Name: _ain_cid Value: 1635674737363.807533475.7257824
ytro.news/	1970-01-20 15:52:26	Name: _ain_uid Value: 1635674737365.810692225.5162628
.criteo.com/	1970-01-20 07:42:50	Name: uid Value: eae43331-d9fa-405d-8886-f41d8b2626db
.yadro.ru/	1970-01-20 07:06:03	Name: FTID Value: 1XVcfn3zfR8B1XVcfn000LI7
.ytro.news/	1970-01-20 06:20:45	Name: tmr_lvid Value: d3edcdd251d914232074ca1405519be5
.ytro.news/	1970-01-20 06:20:45	Name: tmr_lvidTS Value: 1635674737398
.yadro.ru/	1970-01-20 07:06:03	Name: VID Value: 2HIVm20IFGOB1XVcfn000LSt
.linkedin.com/	1970-01-20 15:53:08	Name: bcookie Value: "v=2&119f3fc9-3d6b-42df-8e96-512e6b1e73fd"
.www.linkedin.com/	1970-01-20 15:53:08	Name: bscookie Value: "v=1&202110311005371986dcd8-6a08-4fa0-87b0-d63314e2a358AQG3dXiPpq6fduNCL2BKe05vSytbUDxk"
.linkedin.com/	1970-01-20 15:44:29	Name: li_gc Value: MTswOzE2MzU2NzQ3Mzc7MjswMjG5aXYBSmBhcmhULJ8KRk6WzTbFEVKMfMp6SZvtVGE45w==
.linkedin.com/	1970-01-19 22:22:41	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2488:u=1:x=1:i=1635674737:t=1635761137:v=2:sig=AQEv_DvijlAtbYW9aVpLPxZl7SGSoEWg"
.yandex.ru/	1970-01-23 13:57:14	Name: yandexuid Value: 319112281635674737
.relap.io/	1970-01-23 13:57:14	Name: fsts Value: 1635674737
.relap.io/	1970-01-19 22:41:24	Name: rlprp Value: zzGwSw--a2a3ec785c50fc5a664a096a341a5154ab3bca6f240eebee7b10a94ca03e854d
.relap.io/	1969-12-31 23:59:59	Name: 3rdpce Value: 1
.relap.io/	1970-01-23 13:57:14	Name: unique Value: Vrn6U3Bf
.relap.io/	1969-12-31 23:59:59	Name: suid Value: 36fc611ac27adfa6e1ee1e13aada823d1238d2b7--9663c3190b615bc91e4dda8f5dd3dde7dcd34b1b830117cd936082f37e197dad
.1dmp.io/	1970-01-20 07:06:50	Name: uid Value: 18af24f0-3a32-11ec-8677-901b0e934d81
.1dmp.io/	1970-01-19 22:21:14	Name: 18af24f1-3a32-11ec-8677-901b0e934d81 Value: cGlkPXcmbz1ucyZjaWQ9ZDUzMjkyNWUtMzcwYS00OTEzLTkyMzgtZThiOTEyMDYyNDdmJmJyaWQ9M2ZkYzgyNjctMjMyMy00ZmY1LTgwZmUtZGMyODEzYTk3NDJlJnVpZD1Wcm42VTNCZg==
.stat.media/	1970-01-20 07:06:50	Name: _sm_uid Value: 547cd366-cff7-421d-b33a-0deddd1b6591
.stat.media/	1970-01-20 07:06:50	Name: _sm_udt Value: 1635674737865
.stat.media/	1970-01-19 22:21:16	Name: _sm_sid Value: e2757a7f-1e81-440c-8c37-034cd0a0d213
.stat.media/	1970-01-19 23:04:26	Name: _sm_cm Value: 6
ytro.news/	1969-12-31 23:59:59	Name: _grf_vis Value: 1
.giraff.io/	1970-01-20 07:06:50	Name: gid Value: w6EQjGF+anI7BHGGJTDUAg==
.smi2.ru/	1970-01-20 07:06:50	Name: _sm_uid Value: 547cd366-cff7-421d-b33a-0deddd1b6591
.smi2.ru/	1970-01-20 07:06:50	Name: _sm_udt Value: 1635674737865
.smi2.ru/	1970-01-19 22:21:16	Name: _sm_sid Value: e2757a7f-1e81-440c-8c37-034cd0a0d213
.relap.io/	1970-01-23 13:57:14	Name: lsts Value: 1635674738
.relap.io/	1970-01-19 22:22:41	Name: hllc Value: 2
.relap.io/	1970-01-20 07:06:50	Name: rlpagcs Value: eyJ0cyI6MTYzNTY3NDczOCwidWlkIjoiQ01UaDExM3RTeFFsS3Q5S0RBNmNQUU1BPT0ifQ--8e76514a5986ab2f85f3fc89392f9424ba50229c985734e0beadce897cd41f8c
.ytro.news/	1970-01-20 07:42:50	Name: cto_bundle Value: unGHKV95QmlscWxGZ1E0TWlIOXo2ZGNwMGxNRHhDZ3pDU210dUhPVGNsZzJKMUN3T0VKc0g1MWdPalFLS0hSN01COFZ1QWMwRW1UVHdTb1hsbFBBaVU0JTJGUUFXT3ZnWXNuZlFuWTZUSFhBUEMlMkJGRWxsNDhEWHJiWlFZczhMYnRLaG4lMkZMb2t2WjZSZk9hNXQ4YnJ5VGs0R1k5aXclM0QlM0Q
ytro.news/	1970-01-20 07:06:50	Name: _grf_uid Value: 1915447882
ytro.news/	1970-01-19 22:22:41	Name: _grf_cm Value: 1
.vk.com/	1970-01-20 07:03:37	Name: remixlang Value: 6
.doubleclick.net/	1970-01-20 07:42:50	Name: IDE Value: AHWqTUkSZrUkqmxDhx1jrocpRPOBfsIjX-V7tAIE8N3UCykxcFG-UTsNJ63uh-ILYIE
.uuidksinc.net/	1970-01-20 06:59:49	Name: jcsuuid Value: 6Nwbwo7yafRzl8mgkgAF
.doubleclick.net/	1970-01-19 22:21:18	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 07:06:50	Name: CMID Value: YX5qcr6t2CdoFiWhiaR3UgAA
.casalemedia.com/	1970-01-20 00:30:50	Name: CMPS Value: 5203
.openx.net/	1970-01-20 07:06:50	Name: i Value: 682b3232-ea06-4b56-9bca-4f6dbcf6ed59\|1635674738
.adnxs.com/	1970-01-20 00:30:50	Name: uuid2 Value: 6968825271201247156
.adnxs.com/	1970-01-20 00:30:50	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilaoqgpo!]tbPl1M>e)ZlrFUfJ+tGXxoTEScCsQ8-DoXx+#FUx^8QKyvvZsk5a8N/WtbpRzqF1`b`XA*EVv4
.casalemedia.com/	1970-01-20 00:30:50	Name: CMPRO Value: 1110
.ytro.news/	1970-01-20 07:42:50	Name: __gads Value: ID=2cb4005bf3187585:T=1635674738:S=ALNI_MYas1CX0Ugsbb6OXoPiQkS-RPi9Ug
.redintelligence.net/	1970-01-20 00:30:50	Name: 8lcfmzhxc8d6_uid Value: 73c457f68746ad54
.casalemedia.com/	1970-01-19 22:22:41	Name: CMST Value: YX5qcmF+anMA
.casalemedia.com/	1970-01-20 07:06:50	Name: CMRUM3 Value: 2d617e6a732760CAESEB5q1ZXrFHRH7AovCYXXPVY
.advertising.com/	1970-01-20 07:08:17	Name: APID Value: UP19890a78-3a32-11ec-b200-061375847706
.spotxchange.com/	1970-01-20 07:06:54	Name: audience Value: 1993e5df-3a32-11ec-b26c-194044dd0206
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP19890a78-3a32-11ec-b200-061375847706
.yahoo.com/	1970-01-19 22:22:41	Name: APIDTS Value: 1635674739
.yahoo.com/	1970-01-20 07:07:12	Name: A3 Value: d=AQABBHNqfmECEGaPk4r6bZBPVyTCnARkL2EFEgEBAQG7f2GIYQAAAAAA_eMAAA&S=AQAAAqGK-T8JLuAwUkgl4_E_ZIU
.360yield.com/	1970-01-20 00:30:50	Name: tuuid Value: 16f4fc40-4cdf-4c69-b105-762bde678582
.360yield.com/	1970-01-20 00:30:50	Name: tuuid_lu Value: 1635674739
.blismedia.com/	1970-01-20 07:06:54	Name: b Value: 617E6A73855E244D7471E1B5BLIS
.analytics.yahoo.com/	1970-01-20 07:08:17	Name: IDSYNC Value: "1762~219m:18yl~219m"
.adfarm1.adition.com/	1970-01-20 00:30:50	Name: UserID1 Value: 7025169510910851217
.w55c.net/	1970-01-20 07:50:02	Name: wfivefivec Value: hjqshZWP1MH7ID5
.bidswitch.net/	1970-01-20 07:06:50	Name: tuuid Value: 39d4d751-eb8f-43b2-922c-129062dfa9af
.bidswitch.net/	1970-01-20 07:06:50	Name: c Value: 1635674739
.bidswitch.net/	1970-01-20 07:06:50	Name: tuuid_lu Value: 1635674739
.w55c.net/	1970-01-19 23:04:26	Name: matchgoogle Value: 5
.creative-serving.com/	1970-01-20 07:42:50	Name: tuuid Value: 87708af1-9eaa-4af3-aef5-57be2cc29289
.creative-serving.com/	1970-01-20 07:42:50	Name: c Value: 1635674739
ytro.news/	1970-01-19 22:22:41	Name: tmr_detect Value: 0%7C1635674739960
.creative-serving.com/	1970-01-20 07:42:50	Name: tuuid_lu Value: 1635674740
.ytro.news/	1970-01-20 06:20:45	Name: tmr_reqNum Value: 4
.tribalfusion.com/	1970-01-20 00:30:50	Name: ANON_ID Value: arnseFNZaiMiAmemFmDgM1ZdCHBtY8RkuximMqZa5xSNm2wf30GU6JUCuW5HZa65sTCbSKAyej1JZabXtfT3ZcM7Xb
.mail.ru/	1970-01-20 07:08:17	Name: VID Value: 11ZnrE2T0bo500000X12H425:::0-0-0-698c331:CAASELuX9kpWAlB2LeB6HbYCQMgaYGje1YYJWQRHuICJ4dNFXYQo7IrAZxRNHMaZJL7Q3YGg37oqQK3ixYjChBLBtV2gULDCICEUn8fTp0UXnWGzjOdZF6hfKzprJq-bhouxCiEmg6h7iv_vwgP1oI9NFMC1sQ

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://ytro.news/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network	error	URL: https://relap.io/cookie_checker?_s=47w-6Q&callback=window.relapCbRegistry.relapCb5963197157 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339(Line 5) Message: Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YX5qcr6t2CdoFiWhiaR3UgAABFYAAAIB&google_gid=CAESEG3O2eDiexfefQ4jW3f4ITk&google_push=AYg5qPKkDEGzjIy-c3BYSXjWNMLKmjcog0e4JDyl2zwPDoYfhXUg7VwwZ8Az2-LHeQdpY5k99PLGJo_Lo5hiDioMtZe5M4ij5AM&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FvT8QEzfTGmxBXYr3meFgg&google_push=AYg5qPLRCKtsN9K3oenqD_4nKUWjVcahyUfrHFv16kAuJJJ1yq0en1NhdeqF3GQnF4pd0WcZ3gSypYhw4bQFZEj6qJ00VB2rOA Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02b396fb068d41101fee058d08ed9614.safeframe.googlesyndication.com
6f39a5f37896882b69a2b4fcf7320cf2.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
a.giraff.io
a.tribalfusion.com
ad.mail.ru
adaa9ccb8f42c42da8505a9d9162749c.safeframe.googlesyndication.com
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
ads.creative-serving.com
ads.yahoo.com
adservice.google.com
adservice.google.de
an.yandex.ru
bidder.criteo.com
c0674397595197a07394ada2eb5284c2.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.contentspread.net
clickiocdn.com
cm.g.doubleclick.net
cm.p.altergeo.ru
code.giraff.io
connect.ok.ru
counter.rambler.ru
counter.yadro.ru
d201d75335446ee9d86554b08fb7d124.safeframe.googlesyndication.com
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com
data.giraff.io
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1637ec514a64b906b4b8ba92f27ddd3.safeframe.googlesyndication.com
fc4e8a4f4c38de4fcbf0618132555bee.safeframe.googlesyndication.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
gum.criteo.com
hal9000.redintelligence.net
hal900019.redintelligence.net
hal900027.redintelligence.net
hal90004.redintelligence.net
ib.adnxs.com
ingestion.contentinsights.com
kraken.rambler.ru
likemore-go.imgsmail.ru
matchid.adfox.yandex.ru
moevideo.biz
mug.criteo.com
pagead2.googlesyndication.com
pics.ytro.news
pixel-sync.sitescout.com
pixel.advertising.com
pm.w55c.net
pr-bh.ybp.yahoo.com
relap.io
rtb-csync.smartadserver.com
s.ad.smaato.net
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
securepubads.g.doubleclick.net
smi2.net
smi2.ru
ssl.google-analytics.com
ssp.adriver.ru
stat.media
static.criteo.net
sync.1dmp.io
sync.search.spotxchange.com
sync.teads.tv
target.smi2.net
top-fwz1.mail.ru
tpc.googlesyndication.com
tr.blismedia.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
vk.com
www.giraff.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
yandex.ru
yastatic.net
yhb.p.otm-r.com
ytro.news
cm.g.doubleclick.net
tpc.googlesyndication.com
104.111.242.245
109.248.237.34
138.201.139.144
138.201.63.116
142.250.186.166
142.250.186.66
146.185.195.88
172.217.18.98
172.217.23.98
178.250.0.157
178.250.0.165
18.193.230.138
18.195.105.17
185.162.95.72
185.184.8.65
185.33.221.14
185.86.139.113
185.94.180.126
188.42.29.196
195.161.16.132
195.161.16.140
195.161.16.141
2.18.233.88
2.21.141.232
217.20.155.208
217.69.133.145
217.69.139.14
2600:9000:223f:b600:1b:5138:8a40:93a1
2606:4700:10::6816:4f7b
2606:4700::6810:7caf
2606:4700::6812:d05
2a00:1148:db00::17
2a00:1288:80:800::7000
2a00:1450:4001:802::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a02:2638:1::3
2a02:2638::1c
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::90
2a02:6b8:a::a
2a02:fa8:8806:12::1370
2a03:2880:f01c:800e:face:b00c:0:2
2a03:90c0:41:2801::254
2a05:d018:d29:3602:6f35:8046:ae1a:688f
3.124.143.99
3.126.56.137
31.220.27.134
34.252.144.27
34.96.105.8
35.157.177.200
35.244.159.8
46.161.36.23
54.36.108.3
66.155.71.25
77.88.21.179
78.46.100.125
78.46.111.106
78.46.90.238
81.19.89.17
81.222.128.213
82.202.225.240
85.114.159.93
88.212.201.216
88.99.165.19
88.99.28.61
92.38.138.91
93.186.225.208
95.163.37.253
95.211.66.34
00028f80cfe82fce4c139816b346ac09923be34b8ec111a2c46c600005c76caa
043ab84fa7787a60dfaa075c6d5f343c94e647ae8c6b61d357abf9ef8b091f0e
0535a5828934a648f30b2513995b73eaf14a625e962d56476b57fb7610706f95
05e30cdf9fa837624c5f29849e39fbfb1ada2ce2e3e1d801d89f8bd9c5e535fc
068a10c134968f5b4e31e5bbbe09435b445e451903424098699c484b7d1b25ba
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
0731b5d2c78f88226092daf1edd073c7b2db4f7f8cb7171bb1319441d3ea4b43
07dfe967094683a20ef877b702ef747c628b5cc9aed74971a1741bd51672e5e7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0baca6809327a741c1f7b8b3d61e6beaf22ef62308edc8f9d355edefc9778b54
0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77
0c580ff5ccd7c4aa44a761dc471ff105e613c2ef253f6cef8884cb7ed22a3da7
0e7916409a1448edcc2ad276a9200afd9c725fc3b279ec16fc2a61ba1ad09920
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
11d07c33cfa91688ced5ec103241131c4a9642f0395d55ec11905b54e6f268fc
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
145d7bec724ddd74c5e0aa649a8b311cc893d381adda4086b346122ff5fb952c
16465cccbf141f1a126c4476b299f79d14c8413954869b1f2093d4b1e7a41bb9
165bfa5cef957cafcef9ff654e0f07a81196c10434659beb0c7d2d0915891675
199d1cd45e3f410c29743c1f4a0f57708ac7b8d8c173b7e4ce239979cf6d0de9
1b44d1301853ab659d9bb700547ab0277ad55323998d88346dd296b32a5cf063
1ca4a1b703f5e89ab1526390af87d1d72077e452251811e37d8bff386fcb4e0a
1cc14d38c838e90695986b343976a4200de95ffc0e37eed5e85848d428153abb
1cc3e70df287e010577f59eb584d5b1be35970aab7ae5f3914d6decfdef509f0
1cfe4f6fd49b85b9d410cd2e1482f17dbbb8cee4fb8173396555b7244d82a9f1
1e62ed623cb1560c4b9e1dfe9a58e9e7764915f220f994d23ad9e7f832f7db47
1fdf27d473c1416212d302d9f8e8c03f732049ec77257f6145d1de8fc843c850
20496d6c3e73bb34805560d37802d8585d0718dca6c8367492f22c454ba4221b
20dc67abd0ba83bdd896645cf1622b4caa1fab80494baed8bbf4d01d2e980ae6
23c185f7fc668477fc07e92bf55eb7cfe0ffe982516405b3eaf619fb82cd1112
23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614
23f3998a0f3361d908cf6ce44da36c4a3866b025f0f19bf8cea590509823abed
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
275d46c5c1c918fb00511a3429079681adfe08088553b825d41ef42c9c56d83f
27ac4f3217fa2727b0ccc38408e3d66898de3d896ce49a4b7d16776d000f366a
29c8710f5d6f431a85411fc314b967f2599286b21b8c7481f304c437f7ca87af
2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967
2bf988171c1dfaca42ca163d70cf950ff080414b37c7ff592272f759f1b224f9
2ccb5d9132b24a2a3576932360404be1e140039f0497c1ce82986f92f8391ad9
2d3094584b53b793f7423681a7fec10e7b1bd61ae300f194796d5898b4ac4c7e
2db6772a868844581905760ba68a6914605d24819de66255a6e68c818c4cc849
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa
2e83f83fb9c47473e3b61e1fb727105e243ad9532343e65ac6c3ca2521fc7185
2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c
2fa5738a71dd6018a10876d5a5baa2083ef301895d49716e111782076ea8ed2e
2fb4eec2305fa629bc24a42372de4e80854888c59316405353b6d5814500cf8a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
382873874381a9138712c2cf69ee03f11b96009cae5fe33d2647c414e9712f6f
3a74dd12e2d4666b3b4a6fcfbbbd34e66a1a6161b8f17e5ee371b6592fd99d48
3bba79557de1318ed770c1f05b449afdb6ea189c7dafa0a3aa83b9d7db969be7
3e03235917b59670e1f368dbc1c82e13860fe67e00c3745ae4f84cc84d533d22
3e7f0b6867ed354dd33d9c2c70d8949d0d0e02ed799e9789e244d3d6ffd8e908
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
48736e272d922fad5b3f2afa3416becc2723e199cb06ff79cfce862118de1376
495429cb787693ce24f666d219b16ab9ab109313630ae9dc350258e69179ede6
4add0429905c9e5beddafbb43671f992dfe86cc84c4f9a7d1d0ff50f91cb17ec
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b356a5fdadebf45a278205822bb4ccde28a281aab0b71cca4b4bb84a2eac856
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
4ca6d9a4d6659ca24cce83275004aada9c50e27a320fd1c2531ec265ff6e8b33
4dba1e011745c1bec0b32691b466bf85c8972935bdb186a45fc96296136b23d8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efc7bae0f267c675c4cce712fd7b6dd7d69528899330340228259013376ba64
4f019424845e5a43cbb8ced271c9413fab151dac52d7c85d9e984cae55c32db5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508d6278c96f3db92e59e738df47c13bbf9dec8c7291397c21df350fe02846f2
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53df99c33bb35855bc6ba4ed840eceb563c9101a314ad672ab3dfb4782e68598
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5a297d84fba7d335495a9187d7935f46df79066c97397f104047933236294089
5b2c8581b8d43c0014ae587373a9792159f8c5a86038de7f9fdaf69d95027343
5bfa3d791a8fbb0feca95d7f930acff23e8d3f22022a439163cb75146d8891d6
5d2b19d59ff4960e39d24ae180cc46d82a1d972e34c47bb5b9b3978a309a7fec
5d81781ab85b52a308ead17cd12c06f6b7967c012cf81a7f6d8ad4f997e4321e
5e0b7c453b04e673927ed500a74bf8bf65cce224130a0a0cd14735bd429e5b06
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
5f9730e9e1e0e3499b8cfec56e8c3df1aa855e0a3969b1d9aed006841adea178
60576232472f68d95df1af2c82ccb71bd4a30e26d6ce0202d3df5449d9a1727b
63a467748c61b9bc7a52ac1d948e8d9723502eceabc74d45f793ee5c8fbf0386
644bb75cf534daa6afa3e3b95086f18bbc720e8dc15118cd2b8f7d31bb9b6889
689dfd5efa19909a15e4917dde1ff6886526839abae8ac081c2a77c055116fd6
68e8def4a8cd003c5da11a230e116720daf122f80f5fe39ca9560f1a29ff0d8b
69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598
6a7db638316f2e2c2a5bbc3f841a4e9d2f36d91c4eeca48dc8d5308ec266f119
6c1e71adb481278837affa87a797cc7444bf3f4b86b8e007d09272d5653a5593
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
6d701520a4c9f3b9fc4b2d9df37431f62f339d78e5b400dde6613c93ef6348dc
6de712ac16db9410b4c61e929db988deaab381f5a269d7aaa4a63867b380f364
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
7011fe1f82079e7c8da14de367472e49d7c9b57698f128373a27deeac9c039a9
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
74fbaf35be39c1522c3c2a5823ed507358f1d2ae40bda797f660ca478506c22a
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
7890f0e55163ab13f71814d1efb4c332c0d92a669419768a1a580febe0962176
79ea35f224d899c373f9b83f5ac4dc4d429c530b598f93522f65f474e2ca77df
7a488b6eec146cd55817197d2524099ba4a7280fddcc9277418a7bb17ecd537a
7af34324dea0721c836b91fbdb2a154d53ce255a6a963f156d309c72db9d8375
7c284ff50d86df452886949229d08cf2698dea3ca21354e9ad9a4b324a7177a5
7cf3f301af4dd7f8b4df8746214bcd79257a9684152046c796cb79cf8d25b614
808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e
8156274be416705f770f8d4e0338e9886f99a863f433e105dc497f2e998f1812
8185d758465985adefa50e9aa37905952c926e7e56bafc2b7df03b9f129b72a2
829645bc710de99880be82cc25ddeba44e99192430c9edd0333bba19d97dd0d0
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8877d3fb12cd988113d631433bd1935000c2d69082974ac602d943c7dbfead27
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2d4a0fea95ddc7f951c6c60137c0c5f69116f15de9fa7230dc335f85ee99fe
8acf26e5da31fbcf97b58ad60baa4121ab276efd4ab78661e842fee1ff975071
8f53a9e2852de066a9358158b51996c3ed94462a33618f406e65d35733150fe7
9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2
934a277b933f75603158b887ef49467253060ec5bb175ef27391ed917d6b1ca1
959cb2e1501ddcb562b4534c5ffae70f99e8ac6a2b97bb808f55708daee45bcc
965d582895d3b2fb14f1e129db899a8894126d015b2a49d36ea76dd8e153806e
98424872109542731a4b210eae25985fa55bb7ab2b041197505426bf4252afa0
9884796361f3f2c3bcf41bf72263bb081266876937d249a7b4164e1ef87665c1
9899c1b1b7d79b5c20c8253d35fc0641df0289c542ce194debc12f5cbe22cc5d
9955e76a0aa0414abf703f10e87d93722c71f3fa57c82eb7531c9473d9ef72fc
99fb6040a892b2d590d2e14702a0133869c60caff180195e1a98bceac121d65a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af3cb5a27b400a4d95abc3ec9a1c4b2c659f04c44fc1eb5087976043a666ef9
9b00b995e5bacd71f8042e5da70f38f32c374d4d1055c112e8a1662d72deed67
9b1d65f4e181b72a8be65abf97ff1a53ecad6824a1abea9359068d378a0635ae
9ba82b51ad68ed71d5245fa4d8ffa4815b539405d413d2239c5ab4457a3dfae1
9bacd698c79bf6786a5cb48c892936eeed3085fda057d6cc217801f1434930be
9c7f71da6f8110384912648eb9df3134616cc28f986c614d2ce0b5c8499b8b05
9cb46df45ab7550f47004e885582a412d0b5008c3d8e5b67bdea86db4aaf450f
9d07f01e075074db0154aae1cd5fc2f2f3ffe87d787783f686444f5583503437
9d72dece8ed48f4ba9c11e021a9cec5bc4e698ff95da7e378d71bca8a18c5667
9e7087703b5d40c70ead12bea0b8a8026c69f541a420ba60dc2b2381d1a8f089
9fda1c82c6cd9d802f213ce5e87e0ff3add1366e78a5fd23de5e6e6f155d5ddd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a04ccb9816b88e70f05b15e7287ac8c75f78bd55f181df6ea7e3db64b74ec890
a12ed550b1de19a97ee625f2c15b1dc262bdb890f0e1b66464bdedbfc90b0f7b
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801
aa2fd0f7b2e3e7cf40af23d2e2426274cee9facac073b5c6058f560da3260784
adb20dd74cf7a8de79c0e85a58f9262bdddd38d9a9584fb0c2abe7efc846a892
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1891c95fcde12b1a5afdb6f4a956513116296336eb7aeae25b913e2d2730a85
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b2bc9909621a1b17e7e81c75541c886aa1ee101408d3188eb2a93547419cde40
b4d1ab4c1f7308baaae72c73033a019b74f3b82c49460288847a0f62effb4f10
b72c006daacf687eb8131e613f5fe2a307a60d939f1e932277e8576491285c80
b80902bc069346144644109f95fc1b0bfc1d6dada8f57c16c0ded4df7d16d618
b9312ab6d0b0214474ba986f7a96c1adc8de84c216a9380f27e228f5fc083c37
b96ba5eb60f625217f0dda0c2a7fb9cb36aa0bcc05f3f14f6151620b3d6f48ad
b9d965c892b782e66a44c9bf9a2d5922f1cdbcceada7e90002e753a86bc15130
bc13af5e98ff3288a38a478423167f9bd8aa8a13e17809d7ac869f834901d078
bdbb68c079fe40720998bf2b4163c027c502a2c4f7e5542cecd42e2181266dad
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
c0ad5608f211342564118d3b5249a7fe5d40f709ddab2f2079cd8c6cc8a8df67
c0e6c27e13415cd70e338f7040a69a6e992a8e02e13c6508bc7df98427d4f0b8
c2c0438345e8266d1c5bfb3c5d2e6a4969ff4b714300e4e2a40dc2bf8bae4fef
c35becedf1aafd083633171683f9e043d83a9ca46436519704ebe4014e6b9456
c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e
c7d83a3d5041570e288aa8bca331f59ca74ea91b4f84fe684c06c1795c62b088
ca13872c33b4c6ed94596292a6201d7daf62dcca6791154250f44b0264b3d8ea
cbda3ef87609525e2533a74ed5b633fe8eb28a9f5671069f42e035d3a3a0f8a7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd91d8ff48aea2adea7719b47c73eb7fa29790f077153e496ff8877ac6dd88c
d03057abcffb7f2a02c1c29808334101074c103fa5c49c15069e13add2df4721
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1d343d94fb1488f9516c913d74f06f7c4f592c254333ce3d5e9508179fd0456
d2f51f2ab5d00c8e305728ffa74b4bd3a3a4879ab9f4774d0359b260214a7024
d318e996c63c24da67e6bc764dada6ee81b1ab887e9914455c8755b6e012ce49
d4e11c581d14b7958662f30f4344ce22eb0175cf1d504c85cdd12e0b012d18fc
d59371e3f0a6e74cfb0198ad2da8f09b154eecd86d134870e534f5266bc8e51c
d5b12efe4d10cd2e9c2177607d21507cf729aa0ad3933508264a044334cde422
d90996e05416048f3c7e7ddf2f1acedfec75667d58b9735e8cefb5a6ac68de1a
d9f5988daec1aaf536db334bc7aaa873f0e73b134176f69021f435934a6a46da
dabfc7120a93e22f4da3b5fd3654a6157e7aa2039d54bca09f6bac82be3c8d88
dbbe201258451c1aeb5a0e68c4c9344e6f177afd31c1adf6475e21ce879784aa
dbbe807a86f9b5b26a6ad22df99d54361f46fb1ca0748d82203f5af5308ad69e
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de53e670850792e2fadaa571f23ee67c166319166fe64799187b1bb598e85119
df660fd3ad4168b7c32eadc3b588ee90334003a7ea1af3299536be4e6697fcd9
e1123f0dbae7dcd9fa76d9b4a3e863bdf057d3a0eff034ec05f864d34732a30b
e346406886636bb78bffe42a074b2af5d370b1087f033b036f3d620db6978b23
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61e1b94a3afd61e0596794559b07e18d8fb3a9028ca4de6a765537c5dbb56ad
e63c13d3d1e9549c58fa12067320ad16767228b5f223feff29a0fea751c1235d
e96c31304d58bc83256ba6e55ae28bb0f222343d9e0698c0b9f2746e2adcbc87
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
ecab40c4279b9893a93686be3cd8bbad1df154f0aa313a37b2358072a75b6474
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f077cb5acc0dd2c7447802fb25e2e5d4723e58a2f4680c466fb875c0583a4cb7
f10db5ca926522b5afa9f275367f169096c4ae5a1daaa6109b161e7db3d9359a
f3acd01b02d8b9df1781c0d6f2f2ee43a856455a102fc673727ca97f6caed00b
f58ac8310c580f38177c71c590d8dcdcfbdebf980badf4fa533c75845bb1c11b
f65c544a980388b766cb84f13a54580cf56b72efe5a11a466808d336ec74da85
f779672e098b6e885a6e5ef13d56bd65955c817fd5cea1a96ffb937a361eefe9
f9bc2af159f56f6373d66177e46c98091dd63f5ccd06ae805fd3feac847fbe0f
fa64d6e4916754849e5986a9da2902e5083bb793c501d422ccb6790accba4c8c
fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
fef6d5b54da0d9e0479a9560e9236c70713eab51dbeca880a78ac30067bcceba

ytro.news Open in urlscan Pro 109.248.237.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

412 Requests

92 %HTTPS

36 %IPv6

58 Domains

89 Subdomains

73 IPs

11 Countries

4270 kBTransfer

10839 kBSize

85 Cookies

7 Outgoing links

Page URL History

Redirected requests

412 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ytro.news Open in urlscan Pro
109.248.237.34 Public Scan

Screenshot
Live screenshot

Full Image

412
Requests

92 %
HTTPS

36 %
IPv6

58
Domains

89
Subdomains

73
IPs

11
Countries

4270 kB
Transfer

10839 kB
Size

85
Cookies

412 HTTP transactions
17 data transactions