urlscan.io logo urlscan.io
SecurityTrails logo

newsyou.info Open in urlscan Pro
185.248.101.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Effective URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Submission: On December 23 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 80 IPs in 11 countries across 81 domains to perform 483 HTTP transactions. The main IP is 185.248.101.21, located in Russian Federation and belongs to IPSERVER-RU-NET Fiord, RU. The main domain is newsyou.info.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 23rd 2021. Valid for: a year.
This is the only time newsyou.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
37 185.248.101.21 44812 (IPSERVER-...)
10 2a00:1450:400... 15169 (GOOGLE)
2 85.192.12.170 12695 (DINET-AS)
31 62.76.25.27 61400 (NETRACK-AS)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
1 165.22.198.175 14061 (DIGITALOC...)
7 93.95.100.117 48347 (MTW-AS)
4 33 104.19.133.78 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
11 79.171.117.17 64494 (VARITI-AS)
25 146.59.44.106 16276 (OVH)
2 2a03:2880:f02... 32934 (FACEBOOK)
8 85.192.12.174 12695 (DINET-AS)
6 80.211.42.243 31034 (ARUBA-ASN)
12 147.135.189.55 16276 (OVH)
1 2 88.212.201.198 39134 (UNITEDNET)
1 1 91.198.36.16 43405 (DIGITAL-V...)
1 91.198.36.78 43405 (DIGITAL-V...)
3 2a00:1450:400... 15169 (GOOGLE)
3 7 2a02:6b8::1:119 208722 (YNDX)
2 193.200.65.18 6681 (GIVEME-CLOUD)
8 37.48.86.87 60781 (LEASEWEB-...)
3 16 2a00:1450:400... 15169 (GOOGLE)
2 185.187.81.40 43332 (IDSTRATEG...)
3 193.106.95.134 48614 (ITSOFT-AS)
2 143.204.98.82 16509 (AMAZON-02)
1 14 172.217.18.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.187.81.41 43332 (IDSTRATEG...)
10 185.148.37.79 48347 (MTW-AS)
9 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
12 185.148.37.26 48347 (MTW-AS)
9 145.239.108.234 16276 (OVH)
10 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 94.23.153.171 16276 (OVH)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
2 2a02:2638:1::11 44788 (ASN-CRITE...)
1 77.123.132.42 35680 (VOLIA)
1 193.200.65.5 6681 (GIVEME-CLOUD)
3 4 31.220.27.134 39572 (ADVANCEDH...)
1 136.243.84.75 24940 (HETZNER-AS)
1 34.120.139.69 15169 (GOOGLE)
1 2 193.232.150.70 48061 (UMA-TECH-AS)
4 37.18.16.21 205675 (HYBRID-AS)
4 217.65.2.150 3175 (CITYTELEC...)
5 5 46.4.121.26 24940 (HETZNER-AS)
5 5 96.46.183.20 7979 (SERVERS-COM)
2 2 159.69.142.212 24940 (HETZNER-AS)
1 3 89.108.119.28 197695 (AS-REG)
6 93.95.102.105 48347 (MTW-AS)
1 1 157.90.179.216 24940 (HETZNER-AS)
1 1 195.201.243.72 24940 (HETZNER-AS)
4 4 195.209.108.38 52007 (ADRIVER-AS)
17 2a02:2638:1::3 44788 (ASN-CRITE...)
2 178.250.2.148 44788 (ASN-CRITE...)
4 5 2620:116:800d... 16509 (AMAZON-02)
1 1 52.29.77.212 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
2 2 198.47.127.19 3257 (GTT-BACKB...)
1 3 69.173.144.139 26667 (RUBICONPR...)
1 2600:1f18:445... 14618 (AMAZON-AES)
21 178.250.0.139 44788 (ASN-CRITE...)
3 178.250.2.150 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2600:1901:0:7... 15169 (GOOGLE)
42 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:2638::2 44788 (ASN-CRITE...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 146.0.227.110 29066 (VELIANET-...)
1 193.200.65.6 6681 (GIVEME-CLOUD)
5 217.67.179.205 29226 (MASTERTEL...)
8 8 84.200.5.215 31400 (ACCELERAT...)
2 2 88.99.63.132 24940 (HETZNER-AS)
2 82.113.101.132 6805 (TDDE-ASN1)
2 2 78.46.85.162 24940 (HETZNER-AS)
2 82.113.101.236 6805 (TDDE-ASN1)
6 46.236.13.147 12703 (PULSANT-AS)
2 2 216.58.208.230 15169 (GOOGLE)
1 2 104.111.239.217 16625 (AKAMAI-AS)
1 148.251.139.77 24940 (HETZNER-AS)
3 143.204.98.61 16509 (AMAZON-02)
1 2a0c:5c81:509... 55081 (24SHELLS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
4 4 3.120.81.147 16509 (AMAZON-02)
2 2 99.80.191.196 16509 (AMAZON-02)
1 104.16.199.73 13335 (CLOUDFLAR...)
2 2 15.197.193.217 16509 (AMAZON-02)
2 2 35.212.212.222 15169 (GOOGLE)
2 2 109.206.161.21 50245 (SERVEREL-AS)
1 1 185.86.138.119 201081 (SMARTADSE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 213.19.147.45 3356 (LEVEL3)
1 104.19.216.61 13335 (CLOUDFLAR...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
1 8.39.36.142 26667 (RUBICONPR...)
6 3.248.87.88 16509 (AMAZON-02)
483 80
37    185.248.101.21 (Russian Federation)

ASN44812 (IPSERVER-RU-NET Fiord, RU)
newsyou.info
10    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    85.192.12.170 (Russian Federation)

ASN12695 (DINET-AS, RU)
vcmjf535tx.ru
31    62.76.25.27 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)
ocmurc.com
8    2606:4700:10::6816:294a (United States)

ASN13335 (CLOUDFLARENET, US)
jsn.24smi.net
1    165.22.198.175 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
calculator.codes
7    93.95.100.117 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
news.2xclick.ru
news.gnezdo.ru
33    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cm.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
4    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
11    79.171.117.17 (Russian Federation)

ASN64494 (VARITI-AS, RU)
ppvesdfiojol.com
25    146.59.44.106 (France)

ASN16276 (OVH, FR)
PTR: vps-63464c75.vps.ovh.net
a4p.adpartner.pro
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
8    85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)
pxksnymto.ru
dmpprof.com
dprof.site
6    80.211.42.243 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: host243-42-211-80.serverdedicati.aruba.it
telegram.im
12    147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com
m.mixadvert.com
2    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
1    91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: r.i.ua
r.i.ua
1    91.198.36.78 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: sh02.mi6.kiev.ua
i.i.ua
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
2    193.200.65.18 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: utarget.pro
utarget.ru
8    37.48.86.87 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ns4.24smi.org
data.24smi.net
16    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zmctrack.net
3    193.106.95.134 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
prodmp.ru
2    143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net
openfpcdn.io
14    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
partner.googleadservices.com
cm.g.doubleclick.net
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
loadercdn.net
10    185.148.37.79 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi5.gnezdo.ru
9    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
12    185.148.37.26 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
zn3.2xclick.ru
9    145.239.108.234 (France)

ASN16276 (OVH, FR)
PTR: d5.mix.storage.badvps.com
i.mixadvert.com
10    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    94.23.153.171 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: d5.mix.site.badvps.com
mixadvert.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
2    2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    77.123.132.42 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 42.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
4    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    136.243.84.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de
recreativ.ru
1    34.120.139.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.139.120.34.bc.googleusercontent.com
dsp-trk.eskimi.com
2    193.232.150.70 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp14.sender.ltmse.com
px.adhigh.net
4    37.18.16.21 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
4    217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)
match.new-programmatic.com
5    46.4.121.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info
www.acint.net
5    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    159.69.142.212 (Hobstin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.142.69.159.clients.your-server.de
exchange.buzzoola.com
3    89.108.119.28 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru
x01.aidata.io
6    93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi4.gnezdo.ru
1    157.90.179.216 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1407630.sapientru.net
ssp-rtb.sape.ru
1    195.201.243.72 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info
acint.net
4    195.209.108.38 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
17    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
5    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    52.29.77.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-77-212.eu-central-1.compute.amazonaws.com
d.agkn.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    2600:1f18:445b:903:c624:a695:f9d2:6242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ag.innovid.com
21    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
3    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
3    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
42    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
1    2606:4700:20::681a:34 (United States)

ASN13335 (CLOUDFLARENET, US)
img.servestatic.net
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
3    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
1    146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
1    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
5    217.67.179.205 (Balashikha, Russian Federation)

ASN29226 (MASTERTEL-AS Moscow, Russia, RU)
PTR: 217-67-179-205.in-addr.mastertelecom.ru
guepslka.com
8    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    88.99.63.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de
partner.o2online.de
2    82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
2    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.blau.de
2    82.113.101.236 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de
portal.blau.de
6    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
2    216.58.208.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fjr01s01-in-f6.1e100.net
ad.doubleclick.net
2    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
3    143.204.98.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-61.fra50.r.cloudfront.net
analytics.webgains.io
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    3.120.81.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-81-147.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    99.80.191.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-191-196.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
2    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    185.86.138.119 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    104.19.216.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
6    3.248.87.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
42 ad4m.at
as.ad4m.at
ad4m.at
assets.ad4m.at
1 MB
41 criteo.net
static.criteo.net
pix.eu.criteo.net
csm.eu.criteo.net
930 KB
37 newsyou.info
newsyou.info
2 MB
33 mgid.com
jsc.mgid.com
cm.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
408 KB
31 ocmurc.com
ocmurc.com
589 KB
30 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
ad.doubleclick.net
65 KB
26 adpartner.pro
a4p.adpartner.pro
file.adpartner.pro
52 KB
24 mixadvert.com
m.mixadvert.com
i.mixadvert.com
mixadvert.com
392 KB
21 gnezdo.ru
fcgi5.gnezdo.ru
news.gnezdo.ru
fcgi4.gnezdo.ru
37 KB
20 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
244 KB
16 24smi.net
jsn.24smi.net
data.24smi.net
50 KB
14 2xclick.ru
news.2xclick.ru
zn3.2xclick.ru
384 KB
11 gstatic.com
fonts.gstatic.com
222 KB
11 ppvesdfiojol.com
ppvesdfiojol.com
130 KB
9 webgains.io
analytics.webgains.io
api.webgains.io
154 KB
9 googleapis.com
fonts.googleapis.com
6 KB
7 rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-us-west.rubiconproject.com
12 KB
6 webgains.com
track.webgains.com
60 KB
6 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
12 KB
6 acint.net
www.acint.net
acint.net
2 KB
6 criteo.com
rtb.nl.eu.criteo.com
ads.eu.criteo.com
cat.nl.eu.criteo.com
rtb.fr.eu.criteo.com
115 KB
6 telegram.im
telegram.im
21 KB
5 guepslka.com
guepslka.com
140 KB
5 quantserve.com
cms.quantserve.com
2 KB
5 betweendigital.com
ads.betweendigital.com
3 KB
5 googletagservices.com
www.googletagservices.com
183 KB
5 google.com
adservice.google.com
www.google.com
671 B
5 yandex.com
mc.yandex.com
3 KB
4 bidswitch.net
x.bidswitch.net
2 KB
4 blau.de
partner.blau.de
portal.blau.de
4 KB
4 o2online.de
partner.o2online.de
portal.o2online.de
4 KB
4 lead-alliance.net
www.lead-alliance.net
3 KB
4 telefonica-partner.de
www.telefonica-partner.de
1 KB
4 dmpprof.com
dmpprof.com
2 KB
4 adriver.ru
ad.adriver.ru
3 KB
4 new-programmatic.com
match.new-programmatic.com
860 B
4 hybrid.ai
dm.hybrid.ai
949 B
4 uuidksinc.net
s.uuidksinc.net
882 B
4 cloudflare.com
cdnjs.cloudflare.com
45 KB
3 aidata.io
x01.aidata.io
1 KB
3 prodmp.ru
prodmp.ru
490 B
3 google-analytics.com
www.google-analytics.com
40 KB
2 creativecdn.com
creativecdn.com
687 B
2 e-volution.ai
sync.e-volution.ai
918 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
754 B
2 adsrvr.org
match.adsrvr.org
907 B
2 360yield.com
ad.360yield.com
611 B
2 awin1.com
www.awin1.com
1 KB
2 dprof.site
dprof.site
1 KB
2 pubmatic.com
image6.pubmatic.com
1 KB
2 buzzoola.com
exchange.buzzoola.com
380 B
2 adhigh.net
px.adhigh.net
730 B
2 trafmag.com
t.trafmag.com
m.trafmag.com
702 B
2 google.de
adservice.google.de
914 B
2 openfpcdn.io
openfpcdn.io
844 B
2 zmctrack.net
s.zmctrack.net
24 KB
2 utarget.ru
utarget.ru
49 KB
2 yandex.ru
mc.yandex.ru
66 KB
2 i.ua
r.i.ua
i.i.ua
2 KB
2 yadro.ru
counter.yadro.ru
1 KB
2 pxksnymto.ru
pxksnymto.ru
96 KB
2 facebook.net
connect.facebook.net
84 KB
2 vcmjf535tx.ru
vcmjf535tx.ru
61 KB
1 lentainform.com
cm.lentainform.com
495 B
1 1rx.io
sync.1rx.io
107 B
1 zeotap.com
mwzeom.zeotap.com
453 B
1 smartadserver.com
ssbsync.smartadserver.com
347 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 adtelligent.com
s.adtelligent.com
sync.adtelligent.com Failed
880 B
1 congstar.de
banner.congstar.de
517 B
1 admixer.net
inv-nets.admixer.net
497 B
1 servestatic.net
img.servestatic.net
18 KB
1 innovid.com
ag.innovid.com
296 B
1 openx.net
rtb.openx.net
350 B
1 agkn.com
d.agkn.com
763 B
1 sape.ru
ssp-rtb.sape.ru
655 B
1 eskimi.com
dsp-trk.eskimi.com
224 B
1 recreativ.ru
recreativ.ru
110 B
1 loadercdn.net
loadercdn.net
170 B
1 googleadservices.com
partner.googleadservices.com
646 B
1 calculator.codes
calculator.codes
20 KB
483 81
Domain Requested by
37 newsyou.info newsyou.info
pagead2.googlesyndication.com
31 ocmurc.com newsyou.info
ocmurc.com
25 a4p.adpartner.pro newsyou.info
a4p.adpartner.pro
21 pix.eu.criteo.net ads.eu.criteo.com
newsyou.info
18 assets.ad4m.at as.ad4m.at
17 static.criteo.net ads.eu.criteo.com
15 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
newsyou.info
13 cm.g.doubleclick.net 1 redirects googleads.g.doubleclick.net
newsyou.info
12 ad4m.at as.ad4m.at
ad4m.at
12 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
12 cm.mgid.com 4 redirects jsc.mgid.com
newsyou.info
12 zn3.2xclick.ru newsyou.info
news.2xclick.ru
12 m.mixadvert.com newsyou.info
m.mixadvert.com
11 fonts.gstatic.com fonts.googleapis.com
11 ppvesdfiojol.com newsyou.info
ppvesdfiojol.com
10 tpc.googlesyndication.com googleads.g.doubleclick.net
10 fcgi5.gnezdo.ru news.2xclick.ru
newsyou.info
10 pagead2.googlesyndication.com newsyou.info
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
9 i.mixadvert.com newsyou.info
m.mixadvert.com
9 fonts.googleapis.com newsyou.info
client
cdnjs.cloudflare.com
vcmjf535tx.ru
8 data.24smi.net jsn.24smi.net
8 jsn.24smi.net newsyou.info
jsn.24smi.net
7 s-img.mgid.com newsyou.info
7 jsc.mgid.com newsyou.info
jsc.mgid.com
6 api.webgains.io analytics.webgains.io
6 track.webgains.com as.ad4m.at
6 fcgi4.gnezdo.ru newsyou.info
6 telegram.im newsyou.info
telegram.im
5 guepslka.com newsyou.info
5 cms.quantserve.com 4 redirects googleads.g.doubleclick.net
5 ads.betweendigital.com 5 redirects
5 www.acint.net 5 redirects
5 www.googletagservices.com googleads.g.doubleclick.net
5 news.gnezdo.ru newsyou.info
news.2xclick.ru
5 mc.yandex.com 2 redirects newsyou.info
4 x.bidswitch.net 4 redirects
4 www.lead-alliance.net 4 redirects
4 www.telefonica-partner.de 4 redirects
4 dmpprof.com pxksnymto.ru
4 ad.adriver.ru 4 redirects
4 match.new-programmatic.com newsyou.info
4 dm.hybrid.ai newsyou.info
4 s.uuidksinc.net 3 redirects newsyou.info
4 cdnjs.cloudflare.com newsyou.info
ads.eu.criteo.com
3 analytics.webgains.io track.webgains.com
3 servicer.mgid.com jsc.mgid.com
3 static-de.ad4mat.net as.ad4m.at
3 prod-rtb.ad4mat.net googleads.g.doubleclick.net
newsyou.info
3 www.google.com googleads.g.doubleclick.net
3 csm.eu.criteo.net ads.eu.criteo.com
3 x01.aidata.io 1 redirects newsyou.info
3 mixadvert.com newsyou.info
3 prodmp.ru pxksnymto.ru
3 www.google-analytics.com newsyou.info
www.google-analytics.com
a4p.adpartner.pro
2 creativecdn.com 2 redirects
2 sync.e-volution.ai 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 match.adsrvr.org 2 redirects
2 ad.360yield.com 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 cdn.mgid.com newsyou.info
2 www.awin1.com 1 redirects as.ad4m.at
2 ad.doubleclick.net 2 redirects
2 c.mgid.com jsc.mgid.com
newsyou.info
2 portal.blau.de as.ad4m.at
2 partner.blau.de 2 redirects
2 portal.o2online.de as.ad4m.at
2 partner.o2online.de 2 redirects
2 dprof.site pxksnymto.ru
2 pixel.rubiconproject.com 1 redirects newsyou.info
2 image6.pubmatic.com 2 redirects
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 exchange.buzzoola.com 2 redirects
2 px.adhigh.net 1 redirects newsyou.info
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 openfpcdn.io pxksnymto.ru
2 s.zmctrack.net newsyou.info
2 utarget.ru newsyou.info
utarget.ru
2 mc.yandex.ru 1 redirects newsyou.info
2 counter.yadro.ru 1 redirects newsyou.info
2 pxksnymto.ru vcmjf535tx.ru
ppvesdfiojol.com
2 connect.facebook.net newsyou.info
connect.facebook.net
2 news.2xclick.ru newsyou.info
2 vcmjf535tx.ru newsyou.info
vcmjf535tx.ru
1 pixel-us-west.rubiconproject.com eus.rubiconproject.com
1 token.rubiconproject.com eus.rubiconproject.com
1 cm.lentainform.com newsyou.info
1 sync.1rx.io newsyou.info
1 mwzeom.zeotap.com newsyou.info
1 ssbsync.smartadserver.com 1 redirects
1 cm.idealmedia.io newsyou.info
1 secure-assets.rubiconproject.com 1 redirects
1 s.adtelligent.com cm.mgid.com
1 banner.congstar.de as.ad4m.at
1 m.trafmag.com newsyou.info
1 inv-nets.admixer.net 1 redirects
1 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
1 img.servestatic.net newsyou.info
1 ag.innovid.com googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 acint.net 1 redirects
1 ssp-rtb.sape.ru 1 redirects
1 dsp-trk.eskimi.com newsyou.info
1 recreativ.ru newsyou.info
1 t.trafmag.com newsyou.info
1 file.adpartner.pro newsyou.info
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 loadercdn.net newsyou.info
1 partner.googleadservices.com pagead2.googlesyndication.com
1 i.i.ua newsyou.info
1 r.i.ua 1 redirects
1 calculator.codes newsyou.info
0 sync.adtelligent.com Failed s.adtelligent.com
483 116
Subject Issuer Validity Valid
newsyou.info
AlphaSSL CA - SHA256 - G2		 2021-02-23 -
2022-03-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpizy1uy3x.ru
R3		 2021-10-27 -
2022-01-25		 3 months crt.sh
ocmurc.com
R3		 2021-12-14 -
2022-03-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-13 -
2022-10-12		 a year crt.sh
calculator.codes
R3		 2021-12-22 -
2022-03-22		 3 months crt.sh
news.2xclick.ru
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
ppvesdfiojol.com
R3		 2021-12-01 -
2022-03-01		 3 months crt.sh
adpartner.pro
R3		 2021-10-18 -
2022-01-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-02 -
2021-12-31		 3 months crt.sh
pwrlkyotm.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
telegram.im
R3		 2021-12-23 -
2022-03-23		 3 months crt.sh
m.mixadvert.com
R3		 2021-11-07 -
2022-02-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.utarget.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-06-09 -
2022-07-07		 a year crt.sh
*.24smi.net
AlphaSSL CA - SHA256 - G2		 2021-01-02 -
2022-02-03		 a year crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-21 -
2022-04-25		 a year crt.sh
prodmp.ru
R3		 2021-12-14 -
2022-03-14		 3 months crt.sh
openfpcdn.io
Amazon		 2021-11-11 -
2022-12-10		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
loadercdn.net
R3		 2021-11-26 -
2022-02-24		 3 months crt.sh
fcgi5.gnezdo.ru
R3		 2021-11-09 -
2022-02-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
news.gnezdo.ru
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
zn3.2xclick.ru
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
i.mixadvert.com
R3		 2021-11-07 -
2022-02-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
mixadvert.com
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
uuidksinc.net
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
*.recreativ.ru
Thawte RSA CA 2018		 2021-08-23 -
2022-09-06		 a year crt.sh
*.eskimi.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-04-12 -
2022-05-13		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
new-programmatic.com
R3		 2021-10-24 -
2022-01-22		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-12-21 -
2022-03-21		 3 months crt.sh
dmpprof.com
R3		 2021-11-22 -
2022-02-20		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
my.aidata.me
Sectigo RSA Domain Validation Secure Server CA		 2020-02-25 -
2022-02-25		 2 years crt.sh
guepslka.com
R3		 2021-11-09 -
2022-02-07		 3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-12-03 -
2022-03-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh

This page contains 47 frames:

Primary Page: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Frame ID: AD601D9193DF0E8C633573AC83355793
Requests: 247 HTTP requests in this frame

Frame: data://truncated
Frame ID: 087EDAC0E006F4378DD630CE0A83A2A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 47F3033BDCB94FE2D3475790FF8D004B
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 6EC29695ABAC71C5380914C69A01860E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Frame ID: F91C9A3101E558807F814F272A9870BB
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&width=610&screen_width=1600&reload_count=0&banner_num=1640280695365642665&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Frame ID: 3F574D997FF7DD09AF9A4E9B057717B3
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&width=610&screen_width=1600&reload_count=0&banner_num=1640280695364180726&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Frame ID: AFC1703F00729E49BE965693184B66A9
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7882&shown=&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&width=300&screen_width=1600&reload_count=0&banner_num=1640280695412584313&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Frame ID: 7C453173F181A4489F1560C38185682B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&adk=1812271804&adf=1573534164&lmt=1640280695&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695481&bpp=3&bdt=747&idt=484&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7854390752414&frm=20&pv=2&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=504
Frame ID: 630B026CC497BA2D9F8679FF3AE78525
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Frame ID: F3710AB578194D2768D125043EF17B15
Requests: 8 HTTP requests in this frame

Frame: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Frame ID: 11806B26CA80CA149B289C96AE9580A2
Requests: 8 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 9752F86C7B26ED6FC83D4655807AD3DF
Requests: 4 HTTP requests in this frame

Frame: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-bottom.php
Frame ID: 901E1BC4718327A31C387F0D72BCFE48
Requests: 9 HTTP requests in this frame

Frame: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Frame ID: 5C84809E5AA0E06A7BD884F464C750A8
Requests: 7 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: BF4243E88378EB678A1F1C44B73370A2
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695489&bpp=1&bdt=755&idt=1537&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nXZClrkDxX&p=https%3A//newsyou.info&dtd=1543
Frame ID: 07D947BA30E26338569918E00141A60B
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: 1BEA268A9DBBE58F8CE3BBE743247666
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 582C50D8C3E53B4CE14BC5A122F188EB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695490&bpp=1&bdt=756&idt=1620&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=bUQMCViwI5&p=https%3A//newsyou.info&dtd=1632
Frame ID: F2C983311E4856EADAB10F76E4600FBC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280697&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695491&bpp=1&bdt=757&idt=1687&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=DIu0AyPMKN&p=https%3A//newsyou.info&dtd=1711
Frame ID: 2B1751074B42C28F2342CB96B3AD912C
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2246e05ec2-befa-4543-ad8b-4abe4bdbded7%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2038647%2C%22cost%22%3A0.000157179%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22cdf55808-7a99-406f-ac6a-1286139aead5%22%7D%2C%7B%22ad_id%22%3A2297870%2C%22cost%22%3A0.000109135%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22067a3ce0-5bef-4195-be8b-32e09a91ec34%22%7D%2C%7B%22ad_id%22%3A2287865%2C%22cost%22%3A0.0000614353%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22f900a96d-ff13-4efe-8a28-a597a07d59e7%22%7D%5D%2C%22unit_id%22%3A7460%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI%22%7D
Frame ID: 6888E64FAFAF94CFCAC685F33E08BD8C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695492&bpp=1&bdt=758&idt=1733&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=2e6df8k4Hc&p=https%3A//newsyou.info&dtd=1736
Frame ID: 270D2429D9478256901853796D6CA37E
Requests: 8 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: D4A799D42FF713CD6C2145D7F51AF86F
Requests: 4 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2246e05ec2-befa-4543-ad8b-4abe4bdbded7%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22504dc77a-987a-49f9-9f7a-47e13550619b%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2287653b3c-bac2-40ad-a738-e0eea0a239ce%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2245beff60-da0c-4f18-bb10-028f56cbf29f%22%7D%2C%7B%22ad_id%22%3A1714798%2C%22cost%22%3A0.000399628%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22978a1c9e-19df-40d1-adeb-44b2d52db912%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI%22%7D
Frame ID: FB04589F0776E75ECBA7A99FBC55AE55
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2246e05ec2-befa-4543-ad8b-4abe4bdbded7%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297875%2C%22cost%22%3A0.000731996%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2291df2419-a552-4ccf-877b-d81323b33373%22%7D%2C%7B%22ad_id%22%3A2004555%2C%22cost%22%3A0.000173399%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2260bb657d-066d-48b2-a7a0-44b282ba6879%22%7D%5D%2C%22unit_id%22%3A7882%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI%22%7D
Frame ID: 42971035C6BF82B4B26C6C0E88F2A7E1
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252246e05ec2-befa-4543-ad8b-4abe4bdbded7%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5555%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fnewsyou.info%252FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI%2522%257D
Frame ID: 8180CEB5AA62BB0B35E5B286B68160C4
Requests: 1 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: 7F423ECD81D9E93763135D2D0159E56E
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gat99c74ennwtvg1csymj0yfd2gag457h9q5jcg38pab3b13h9xza6zsnxvpah8nh4p71x1jr7qt02e6r3crtbegjtgc8arcv9y1drw19sfekq2wqbabh95t79qchqs4cwx9xaeykg0crr9kr6kggb81btz5x5vcp9ejxpb8w9x1mm3fhzeq6zdq38rc6m1yhf77mj5bcj0zw96hh2dvsrbhf7ywp70kjajkyrgf3whk5ej6zacyxcebdpern40chax73phxqhpp1e7p760y7g0czc6vf69b869f6yd9sgvwqb8jxytw1ew80vax4w0ed2tmssbcjfx8xcqm8k9f2ntfg7815jb22bd52pm3561axjwta321tr9zze10exrc4gfwja7th35e3h6wwh3c619c67zgkd0cv7fvhtv23em3m2tcss92&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: E403B47EF0EA1E3A901B11DAAAADE892
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A9EA328BEE073CF95518E391038EF737
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1heheq88nkye3x7qp9anzw1ttdspbs2997rdqbt5nk509tgbv1120r1dcvmps6q9qdvfaf78capefxp68hp6vzq0s3aqec1mq02j1ghtmdkd82gww0q0yfdjthqx2ncbm2x146zvcqthstmaz9gh3k2erz271qcgws9zarav694qg1bx8k91120a4w1fbdg0ebv5mazr66211xb0tjh14x2nmt9re4hs6jjp4p61tzsxjf3t1gvspb2eh8ghdrw5bs0xh0c5sx7xjk5yh8zw04nh2nzrk7fe15djs8zyvbdfzjqxr8y3bdecc761qm4nzyfqg23ehkrekdkbqh0h2khz02d2mff8p5n4edfzsb9dc1v5tmxzm9yx7tfa3r53rdmdy0gqpesgx2y9hyfcmja4ta1pqf90vaqvwb13sdeea2fmjxx7t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: A1A638BF4FA96D0426D867AC36C3B855
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4087773DBD41889AB420BF91159B4889
Requests: 3 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: 1996623F6EE218FB88178A87490241B1
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A456F004A58EF9FBECC532EC8CBA25E4
Requests: 3 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: 051422B84B56B464C4F996EC2F64FD50
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C_XvdebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEiwJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTzq5N-h6zHWEyhMCpuBK-iFBmttvwkplTN-99FYne36GQ5JYB5GmABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=GaB9XwgrgRc&uach_m=[UACH]&cid=CAQSOwCNIrLMCojEO3GOy26dT_f1sS4_08v74Tnhw4FYR7eB4hgXOFVhy3gC1byxJrHM_Q_i26RUoloy9-7LGAE
Frame ID: FC0595E20A18D04D768225F72F1B7991
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h2byxq689ckdpcavqw4nm140v0jabmxezwz8wk21p1gk9f46v3549jct96zzjwqn6762gbhkcrpwx9qcxdew98brg1c3qzc3d68xfaxvxy344ntb9jpv2639y7cnb6tdt8ykywrjhtamfw17yg2184d85dsatf487jfymdtqy7504p06e0p942m68df9a78adafrzxp95486r55x1858nzvxv5ege2h00bksqrefkyhwh6chp3egdm8tbm4ae25q0m5wcdw7ac48kxdxdv91jafht4rrszmvhpnnx0mqm65q7dg2we6ca02azw7rj99t07kty3nf7xp81hj5xe56et9zbab720heghqyba9vv56zk6fpqqmc61ypnybhjtg4vs061wzj2pdnktp6cbpts3eez04ha685w09axjfr1mq0zsj667ha&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: 392EC621E9C4EC4D3F81325520669DEB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 068AB1ED2A7B1CA3731B201A0C6A60F8
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3B6538FB96978DE267196B5F05C60601
Requests: 1 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: C5CC8AFCEE76EFB1CA8EFC1EC6ECC6C0
Requests: 4 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0A67F8733864AE912A66EB39CF423186
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3311F59C94420978E69460767B4204E7
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: 5EF8695B73C9534709E9440DDCD19E33
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: 053C4FF3C3A2E29EA651283B6E078D79
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: D3D43E5C7F8A26C33A20C5F929934FA7
Requests: 14 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1640280698836485389653
Frame ID: 396F7EE20A9CE22F997A1CBBE9EBCBF4
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 186311AC36A6E7338D683639B59AF3DF
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Frame ID: 4F3ADB1138AA07D32DECF01D0389254F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Польша сократит срок действия COVID-сертификатов и после бустерной прививки - Новости Ю

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

483
Requests

91 %
HTTPS

26 %
IPv6

81
Domains

116
Subdomains

80
IPs

11
Countries

8263 kB
Transfer

12285 kB
Size

119
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI;0.5999624808992787 HTTP 302
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI;0.5999624808992787
Request Chain 60
  • https://r.i.ua/s?u224079&p264&n0.02044732019028861&c1&d24&w1600&h1200&rnewsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI HTTP 302
  • https://i.i.ua/r/3_3_1.png
Request Chain 97
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9496.wkUzkPRsiYV2_LS-X9syj_T-S3GYobDAPscKNbv537OlkL7uM73Pc430CNt_zZ2j.Wh_JZoiJ3nMxyE_XC68agxay5w0%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9496.coEI-2ugugLs84RcFn1BhR3PEAf42Itc9lCAaekhhF0pSz83LZAAbh0aqktLQHOgv8SC_Afs3qhG9DYIF2PSvQ%2C%2C.AzC1K3q1FMiTPmWzuKKcpXhiHgk%2C
Request Chain 126
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695486&bpp=1&bdt=752&idt=1226&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1007&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4Xck6fCmw9&p=https%3A//newsyou.info&dtd=1248 HTTP 302
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Request Chain 154
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695487&bpp=1&bdt=753&idt=1341&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=q5SoNobMCp&p=https%3A//newsyou.info&dtd=1370 HTTP 302
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-bottom.php
Request Chain 155
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695488&bpp=1&bdt=754&idt=1428&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=dPzNthFU8p&p=https%3A//newsyou.info&dtd=1442 HTTP 302
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Request Chain 170
  • https://mc.yandex.com/watch/44453875?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1637%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A586103880548%3Ahid%3A448144870%3Az%3A0%3Ai%3A20211223173135%3Aet%3A1640280696%3Ac%3A1%3Arn%3A911164148%3Arqn%3A1%3Au%3A1640280696124460632%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280693660%3Ads%3A0%2C168%2C787%2C41%2C0%2C0%2C%2C602%2C13%2C%2C%2C%2C1676%3Adsn%3A0%2C168%2C787%2C41%2C0%2C0%2C%2C564%2C13%2C%2C%2C%2C1676%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280697%3At%3A%D0%9F%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%82%D0%B8%D1%82%20%D1%81%D1%80%D0%BE%D0%BA%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D1%8F%20COVID-%D1%81%D0%B5%D1%80%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%BF%D1%80%D0%B8%D0%B2%D0%B8%D0%B2%D0%BA%D0%B8%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1637%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A586103880548%3Ahid%3A448144870%3Az%3A0%3Ai%3A20211223173135%3Aet%3A1640280696%3Ac%3A1%3Arn%3A911164148%3Arqn%3A1%3Au%3A1640280696124460632%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280693660%3Ads%3A0%2C168%2C787%2C41%2C0%2C0%2C%2C602%2C13%2C%2C%2C%2C1676%3Adsn%3A0%2C168%2C787%2C41%2C0%2C0%2C%2C564%2C13%2C%2C%2C%2C1676%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280697%3At%3A%D0%9F%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%82%D0%B8%D1%82%20%D1%81%D1%80%D0%BE%D0%BA%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D1%8F%20COVID-%D1%81%D0%B5%D1%80%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%BF%D1%80%D0%B8%D0%B2%D0%B8%D0%B2%D0%BA%D0%B8%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 184
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=46e05ec2-befa-4543-ad8b-4abe4bdbded7 HTTP 307
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D10&cdsp=363190&user_id=46e05ec2-befa-4543-ad8b-4abe4bdbded7&sct=1 HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
Request Chain 185
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=46e05ec2-befa-4543-ad8b-4abe4bdbded7 HTTP 307
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D9&cdsp=363190&user_id=46e05ec2-befa-4543-ad8b-4abe4bdbded7&sct=1 HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
Request Chain 189
  • https://px.adhigh.net/p/cm/adpdigital HTTP 302
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
Request Chain 192
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F79B2C4610C08E82B02134863
Request Chain 193
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F79B2C4610C08E82B02134863
Request Chain 194
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=dbfdb6e8-6d9c-5365-8252-d588e39667f1
Request Chain 195
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=dbfdb6e8-6d9c-5365-8252-d588e39667f1
Request Chain 196
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9a7fa744-fabf-4a07-7261-d93e0a8eb24d
Request Chain 197
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=9e93063a-b438-4098-79cc-61f4be5e6545
Request Chain 209
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngCY0OO_TO0Ag== HTTP 302
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngCY0OO_TO0Ag==&bounce=1
Request Chain 210
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2HEsngCY0OO_TO0Ag== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/preuJIPZheUKedacC0sm
Request Chain 211
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2HEsngCY0OO_TO0Ag== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/preuJIPZheUKedacC0sm
Request Chain 212
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=uZQlT2HEsngCY0OO_TO0Ag== HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2FSape-dsp%2F$%7BUSER_ID%7D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F79B2C46117001E4302EE7D1A&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F79B2C46117001E4302EE7D1A HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F79B2C46117001E4302EE7D1A
Request Chain 214
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsngCY0OO_TO0Ag== HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsngCY0OO_TO0Ag==&tuid=-5455599665 HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/Ai3ULYJnbXNU_Tf-1f5J_AQ
Request Chain 229
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEM7hnbkVra_7vjaK9q-ms9w&google_cver=1&google_push=AYg5qPI1Z2W-DjKXG3KQ0OQ8802G_3YYLE8oenhThP0hqPyf4FULLfVzPmKfPJfVFLekdnP8tjPPPsI2jgEqe65m1mMgNYGwn1yN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI1Z2W-DjKXG3KQ0OQ8802G_3YYLE8oenhThP0hqPyf4FULLfVzPmKfPJfVFLekdnP8tjPPPsI2jgEqe65m1mMgNYGwn1yN&google_hm=Q0FFU0VNN2huYmtWcmFfN3ZqYUs5cS1tczl3
Request Chain 231
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOkqE1y6oalSTPur_3fxUug&google_cver=1&google_push=AYg5qPKQQ-guxkvZ552EYTm5zLa4VJXkxDC8sW8X6jzNOw_98Z4hEEppJlIXCqHcIeBuEX1Yesq1oQGrBfaqdpTSAj4XRE4mGQJO HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOkqE1y6oalSTPur_3fxUug&google_cver=1&google_push=AYg5qPKQQ-guxkvZ552EYTm5zLa4VJXkxDC8sW8X6jzNOw_98Z4hEEppJlIXCqHcIeBuEX1Yesq1oQGrBfaqdpTSAj4XRE4mGQJO&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wxuyj3NmRVqC9lLDapVE1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKQQ-guxkvZ552EYTm5zLa4VJXkxDC8sW8X6jzNOw_98Z4hEEppJlIXCqHcIeBuEX1Yesq1oQGrBfaqdpTSAj4XRE4mGQJO
Request Chain 232
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIJF7v4CMO25GZStd-GwPWA&google_cver=1&google_push=AYg5qPJbKfl9_W4A7Ws7zlV8r7dijQtQ_LhbHeXBmXN4mYjXnNS2nORYFLgHH9F7Xjfjdoyh8PpsnBmS6d8JuHNxBkW4CLBIOj0k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZQkUtMjgtOE5DNA==&google_push=AYg5qPJbKfl9_W4A7Ws7zlV8r7dijQtQ_LhbHeXBmXN4mYjXnNS2nORYFLgHH9F7Xjfjdoyh8PpsnBmS6d8JuHNxBkW4CLBIOj0k
Request Chain 233
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_cver=1&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1
Request Chain 297
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGNVEFxopzAvLMAzWmSPoRg&google_cver=1&google_push=AYg5qPLF1tjsQmxf_BqtwUEX5Yi_hLfBnNP6K15BRzlLY_t8ebRej2XawoCDqmSDHGTO_o5vsyhRGdoTKF0g_wgwF25HsRoB8RI HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLF1tjsQmxf_BqtwUEX5Yi_hLfBnNP6K15BRzlLY_t8ebRej2XawoCDqmSDHGTO_o5vsyhRGdoTKF0g_wgwF25HsRoB8RI&google_hm=nmfmJk9_k4nXLYuXzC-a0A
Request Chain 310
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=cb47997f-3352-415f-ba5e-7172d357ec64 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=ccb0d0e5568e45c490260f083227a230
Request Chain 319
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGNVEFxopzAvLMAzWmSPoRg&google_cver=1&google_push=AYg5qPKN5g4vqQkuE8ve8DhrlVOVVJ1J6v8WEA8ik4W7S2d53wWronLuyDL-A16peX0G2Huamxy42XSbXwfXKNrEF3vCQTcwAc44Kw HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKN5g4vqQkuE8ve8DhrlVOVVJ1J6v8WEA8ik4W7S2d53wWronLuyDL-A16peX0G2Huamxy42XSbXwfXKNrEF3vCQTcwAc44Kw&google_hm=nmfmJk9_k4nXLYuXzC-a0A
Request Chain 332
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsngCY0OO_TO0Ag== HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsngCY0OO_TO0Ag==&tuid=-6280346572 HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AGNRClfj5WfyyWw8J-7ebRg
Request Chain 334
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2HEsngCY0OO_TO0Ag== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/preuJIPZheUKedacC0sm
Request Chain 339
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGNVEFxopzAvLMAzWmSPoRg&google_cver=1&google_push=AYg5qPIp2JT53YYF9tQy5ohb3utB92PljkcgGMMZuqvmijUKmkLPrkulv_Jm2Psw8Q1kjVrO81mHXBL-gwFmNE890uGwIiKYy9OVdBzfzzYil35L_chN0OyEt0hnFvUKJSVZTixL65fqovhmO7eLvMEf798 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIp2JT53YYF9tQy5ohb3utB92PljkcgGMMZuqvmijUKmkLPrkulv_Jm2Psw8Q1kjVrO81mHXBL-gwFmNE890uGwIiKYy9OVdBzfzzYil35L_chN0OyEt0hnFvUKJSVZTixL65fqovhmO7eLvMEf798&google_hm=nmfmJk9_k4nXLYuXzC-a0A
Request Chain 350
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGNVEFxopzAvLMAzWmSPoRg&google_cver=1&google_push=AYg5qPKM1s7DhC9W_leXvgMuLFLuvmetEL52KSO1s4vNrZrAVYH0D29ILcuGQ52WJM2c56zEJnjIS48UP77wJ1A-xNTRt2zPA05VQYjRCq6sm7k0kUIZwHP4UsjLWzk85AfzeA9ooikGwHli9frfhYNtfA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKM1s7DhC9W_leXvgMuLFLuvmetEL52KSO1s4vNrZrAVYH0D29ILcuGQ52WJM2c56zEJnjIS48UP77wJ1A-xNTRt2zPA05VQYjRCq6sm7k0kUIZwHP4UsjLWzk85AfzeA9ooikGwHli9frfhYNtfA&google_hm=nmfmJk9_k4nXLYuXzC-a0A
Request Chain 413
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122318313860669266455X117679V1226132702MSoneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&spid=2021122318313860669266455X117679V1226132702MSoneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679 HTTP 302
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266455X117679V1226132702MSoneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Request Chain 416
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122318313860669266443X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266443X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Request Chain 422
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122318313860669266461X117679V1226132702MSoneid23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2021122318313860669266461X117679V1226132702MSoneid23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679 HTTP 302
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266461X117679V1226132702MSoneid23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Request Chain 425
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122318313860669266415X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266415X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Request Chain 440
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLr8mOO5-vQCFZTHUQodSIoFAA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280699_2fe5a500-6416-11ec-9cab-2239e6ba3d41
Request Chain 469
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Request Chain 470
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=dbfdb6e8-6d9c-5365-8252-d588e39667f1&ssp=mgid&expires=30&user_group=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=840c7006-8478-4dd5-8212-0979990999d9&gdpr=&gdpr_consent=&us_privacy=
Request Chain 471
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=01c39c06-dbbe-4e14-94a1-e215254dd232
Request Chain 473
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=fed93ff5-e0f1-459a-83b9-9691a13aecf1&ttl=1642872699
Request Chain 474
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=86e2aab0-27e2-4234-bf23-01ec784b02af
Request Chain 475
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbnBLduddPv9 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=3009984102882433811&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 477
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lbnBLduddPv9 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/840c7006-8478-4dd5-8212-0979990999d9?gdpr=&gdpr_consent=
Request Chain 479
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=2TxjfHCmI8jiCFVo23f9&pi=mgid&tc=1
Request Chain 480
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJuQkxkdWRkUHY5&muidn=lbnBLduddPv9 HTTP 302
  • https://cm.mgid.com/google?muidn=lbnBLduddPv9&google_ula={guid},5&google_gid=CAESEIx_4UhiCcix_9NbsKvpEQU&google_cver=1

483 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
newsyou.info/ 		109 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
fbb11119f3f51ec2a0c08098383de743c39b7c5965874a0cc96141ab2ad8ca37

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.2.1
Date
Thu, 23 Dec 2021 17:26:20 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
28624
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Link
<https://newsyou.info/wp-json/>; rel="https://api.w.org/", <https://newsyou.info/wp-json/wp/v2/posts/584121>; rel="alternate"; type="application/json", <https://newsyou.info/?p=584121>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
mainstyle10.css
newsyou.info/ 		36 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/mainstyle10.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
a0a8aafea7c182cd50d239de71da565129cb1110563f5c87ede4f0bdd740008f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:20 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:31 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37351
Expires
Thu, 30 Dec 2021 17:26:20 GMT
magnific-popup.css
newsyou.info/wp-content/themes/newsyou/css/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/css/magnific-popup.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:20 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:07 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6951
Expires
Thu, 30 Dec 2021 17:26:20 GMT
jquery-1.11.1.min.js
newsyou.info/wp-content/themes/newsyou/js/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/jquery-1.11.1.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:20 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95786
Expires
Thu, 30 Dec 2021 17:26:20 GMT
scripts.js
newsyou.info/wp-content/themes/newsyou/js/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/scripts.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
69e7791a1772852a0d705ef8dd343046b2fcc2c67254dc74b99b417f43f8a527

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:20 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:10 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23604
Expires
Thu, 30 Dec 2021 17:26:20 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d501db58ccdb0013cb678f72bdcbb4547240c9e27836157e6835f6a0845798e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51838
x-xss-protection
0
server
cafe
etag
4465909644836621995
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:35 GMT
script.js
vcmjf535tx.ru/ 		107 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vcmjf535tx.ru/script.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.170 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
93295644da9af673ecf074ce2a3962f685662b6f69c498a77a37e4708b84ce5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
x-adsbid-request
yutmc_ol7s2v
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
server
nginx/1.18.0
otv1l7192ivl0pmy03q8h867quv768kypg019a.php
ocmurc.com/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 11:24:02 GMT
server
nginx/1.14.2
etag
"61714dd2-4abc"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
19132
smi.js
jsn.24smi.net/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/smi.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72eb47be0de224add691e0ad18bf8ff3decae4be687d16893ae7bf2be0759fed
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 09:02:21 GMT
server
cloudflare
age
109
etag
W/"6166a09d-15d1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2353097b645b68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:29:46 GMT
gqzgemrxgm5ha3ddf43tkoi
calculator.codes/code/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://calculator.codes/code/gqzgemrxgm5ha3ddf43tkoi
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.22.198.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
06f3ceecbfe963e990253809b5612dd5b42567162590b69e11762144464e9dc5
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
style.min.css
newsyou.info/wp-includes/css/dist/block-library/ 		79 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:20 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:37 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80574
Expires
Thu, 30 Dec 2021 17:26:20 GMT
wp-automatic.css
newsyou.info/wp-content/plugins/wp-automatic/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/plugins/wp-automatic/css/wp-automatic.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:20 GMT
Last-Modified
Wed, 24 Nov 2021 08:11:31 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2713
Expires
Thu, 30 Dec 2021 17:26:20 GMT
jquery.min.js
newsyou.info/wp-includes/js/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/js/jquery/jquery.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:20 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:29 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89521
Expires
Thu, 30 Dec 2021 17:26:20 GMT
jquery-migrate.min.js
newsyou.info/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:20 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:28 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11224
Expires
Thu, 30 Dec 2021 17:26:20 GMT
main-front.js
newsyou.info/wp-content/plugins/wp-automatic/js/ 		1017 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/plugins/wp-automatic/js/main-front.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:20 GMT
Last-Modified
Wed, 24 Nov 2021 08:11:36 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1017
Expires
Thu, 30 Dec 2021 17:26:20 GMT
logo.png
newsyou.info/wp-content/themes/newsyou/img/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/logo.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
8dc3b246bdd50fb0e58757d0ea57926403274d2ac4a13ed41b6271a2a8c497d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:08 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24862
Expires
Thu, 30 Dec 2021 17:26:21 GMT
2694868.jpg
newsyou.info/wp-content/uploads/2021/12/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/2694868.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
42f1001a0d21e42b0a40b9ff231b0ba95c48b4fd2fa21d3e4f1aba15e202b018

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 19:36:37 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115802
Expires
Thu, 30 Dec 2021 17:26:21 GMT
view.png
newsyou.info/wp-content/themes/newsyou/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/view.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9b2e4e684cdadbc294776f003aca54c0b210adabebaf526e8a8201b8846c9a45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15253
Expires
Thu, 30 Dec 2021 17:26:21 GMT
JP1qtZVugHn4XCGbHKCu5CvsFEoAMWfovjsOTqvJ.jpeg
newsyou.info/wp-content/uploads/2021/12/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/JP1qtZVugHn4XCGbHKCu5CvsFEoAMWfovjsOTqvJ.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
578b130d8727e233ece4772e7fd7680c22d200c00c76135d141a9ce2327f9126

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Tue, 21 Dec 2021 19:02:52 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50434
Expires
Thu, 30 Dec 2021 17:26:21 GMT
8c5b19b-16poroshenko-1024x610-1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/8c5b19b-16poroshenko-1024x610-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
584cef30c8b0276d0fa2b0a7999ca5eb2de381f83546601106665e47d538f23c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Tue, 21 Dec 2021 19:00:58 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53266
Expires
Thu, 30 Dec 2021 17:26:21 GMT
menum.png
newsyou.info/wp-content/themes/newsyou/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/menum.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c1886d63d3c5161dd67737d6fcc76e041f04ef3e391515b27fa7aa876c6e2e5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3725
Expires
Thu, 30 Dec 2021 17:26:21 GMT
sbtn.png
newsyou.info/wp-content/themes/newsyou/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/sbtn.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
0a4ee12a6285a20bd09b9b9f2c7970f73b5252f6fccf555abdd44528daa9d211

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15582
Expires
Thu, 30 Dec 2021 17:26:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5994697028380609
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07b6f40871d52312e963b2290014f9085bbe3742c83959843dfa0b7c074cd004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51803
x-xss-protection
0
server
cafe
etag
9162502210335447670
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:35 GMT
loader.js
news.2xclick.ru/ 		102 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.2xclick.ru/loader.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
3eb4db2e6c27e9a8a54e3a1d233f47265a21634f8021c4f750578e5af7f2c590

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Nov 2021 08:40:17 GMT
Server
nginx/1.10.3
ETag
"61a5e371-4e4d"
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=86400
Connection
keep-alive
Content-Type
application/javascript
Content-Length
20045
Expires
Fri, 24 Dec 2021 17:31:35 GMT
newsyou.info.1122348.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
786fee4f218168667336172b2193b3cb92dbfb87954c308883b7d1f61f859eee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
3464
last-modified
Thu, 25 Nov 2021 11:26:29 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
T72570RD0NPJGY08
x-amz-id-2
a28riq9jUGJJUVnKtT/pPOakUJ/WNw4ov5gAPz8DHVaSeh451uIM0yF56/HmeLWFnFnvFX0c6mE=
cf-bgj
minify
server
cloudflare
etag
W/"4a5ade7ca18e6cd9b124c7e488981183"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c235309afdc5bfd-FRA
expires
Thu, 23 Dec 2021 20:31:35 GMT
newsyou.info.1146775.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1146775.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8d71bdcae968558d46992970999923a5644067497dc156f3f888f517a58b9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
3464
last-modified
Thu, 25 Nov 2021 11:17:38 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
VEGVT66BEMX4F1J1
x-amz-id-2
AI3/DIVSFpgmpWwOYqkeqn33GG85H2ENhud+ExCWyL8YWoRV8GzXXP9xMOUlvUgAywszU3keT14=
cf-bgj
minify
server
cloudflare
etag
W/"954fed81ee1ba109d87b56eb30d13bf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c235309afdd5bfd-FRA
expires
Thu, 23 Dec 2021 20:31:35 GMT
1640252769_4184.svg
newsyou.info/wp-content/uploads/imga6695d8/23-12-21/ 		327 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/imga6695d8/23-12-21/1640252769_4184.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
b1d8189f87b428e1e35303478ce05cf5100756c6deaf1e8517be0c2d5554c87c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 23 Dec 2021 09:46:09 GMT
Server
nginx/1.2.1
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
327
Expires
Thu, 30 Dec 2021 17:26:21 GMT
%D0%91%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD-%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB-%D0%B1%D1%83%D0%B4%D0%B5%D1%82-%D0%BB%D0%B8-%D0%BE%D0%BD-%D0%B1%D0%B0%D0%BB%D0%BB%D0%BE%D1%82%D0%B8%D1%80...
newsyou.info/wp-content/uploads/2021/12/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%91%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD-%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB-%D0%B1%D1%83%D0%B4%D0%B5%D1%82-%D0%BB%D0%B8-%D0%BE%D0%BD-%D0%B1%D0%B0%D0%BB%D0%BB%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%D1%81%D1%8F-%D0%BE%D0%BF%D1%8F%D1%82%D1%8C.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c71cfdc5d8624558e2cc670a0dfacfca40f7bafd4f1393ed067e4e381ad8e6e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 23 Dec 2021 05:37:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64815
Expires
Thu, 30 Dec 2021 17:26:21 GMT
https___ukr.media_static_ba_aimg_4_3_5_435738_1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/https___ukr.media_static_ba_aimg_4_3_5_435738_1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
fd42eb21f950a6ebd0e3eb2b9194232ddb6e1421fab1503b03a6d16a7476aecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 08:25:28 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
198298
Expires
Thu, 30 Dec 2021 17:26:21 GMT
shutterstock_568076731-750x400-2.jpg
newsyou.info/wp-content/uploads/2021/12/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/shutterstock_568076731-750x400-2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
86c269f58ff013e4c961ae50583e44adfd794f0d415030a549cf2f92db0295b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 07:02:56 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26485
Expires
Thu, 30 Dec 2021 17:26:21 GMT
https___ukr.media_static_ba_aimg_4_3_5_435758_1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/https___ukr.media_static_ba_aimg_4_3_5_435758_1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
7bea74a8949fb8732fcd7fa98dc7f441dde603024aa79ddd781521c85dd33b93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 08:23:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108153
Expires
Thu, 30 Dec 2021 17:26:21 GMT
Muesli_Coffee_Fruit_46766-750x400-2.jpg
newsyou.info/wp-content/uploads/2021/12/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/Muesli_Coffee_Fruit_46766-750x400-2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
0b033515b1023d80f80ee227136cf5509f6e5b66bb39450ddafa1d1bb5b2acab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 06:59:08 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84867
Expires
Thu, 30 Dec 2021 17:26:21 GMT
2694720-1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/2694720-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
f2748fdac882bab3f3e1215e9946e0bb4a1b8a1af4c9a6b124e86ceda52ec531

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 19:38:29 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
113443
Expires
Thu, 30 Dec 2021 17:26:21 GMT
%D0%92%D0%BB%D0%B0%D1%81%D1%82%D0%B8-%D0%94%D0%B5%D0%BB%D0%B8-%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%82%D0%B8%D0%BB%D0%B8-%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%BE%D0%B2%D0%B0%D1%82%D1%8C-%D0%A0%D0%BE%...
newsyou.info/wp-content/uploads/2021/12/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%92%D0%BB%D0%B0%D1%81%D1%82%D0%B8-%D0%94%D0%B5%D0%BB%D0%B8-%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%82%D0%B8%D0%BB%D0%B8-%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%BE%D0%B2%D0%B0%D1%82%D1%8C-%D0%A0%D0%BE%D0%B6%D0%B4%D0%B5%D1%81%D1%82%D0%B2%D0%BE-%D0%B8-%D0%9D%D0%BE%D0%B2%D1%8B%D0%B9-%D0%B3%D0%BE%D0%B4.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
96365d0efa97cf43a947425785b2bad3f7eb518f6222143d2674cbf29fe92d3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 23 Dec 2021 02:36:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86952
Expires
Thu, 30 Dec 2021 17:26:21 GMT
%D0%94%D0%B5%D1%84%D0%B8%D1%86%D0%B8%D1%82-Nutella-%D0%9A-%D1%87%D0%B5%D0%BC%D1%83-%D0%B5%D1%89%D0%B5-%D0%BF%D1%80%D0%B8%D0%B2%D0%B5%D0%B4%D0%B5%D1%82-%D0%BE%D0%B1%D0%B2%D0%B0%D0%BB-%D0%BB%D0%B8%D1...
newsyou.info/wp-content/uploads/2021/12/ 		196 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%94%D0%B5%D1%84%D0%B8%D1%86%D0%B8%D1%82-Nutella-%D0%9A-%D1%87%D0%B5%D0%BC%D1%83-%D0%B5%D1%89%D0%B5-%D0%BF%D1%80%D0%B8%D0%B2%D0%B5%D0%B4%D0%B5%D1%82-%D0%BE%D0%B1%D0%B2%D0%B0%D0%BB-%D0%BB%D0%B8%D1%80%D1%8B.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
1e98a3ede349fecfd14a4b6cefad84f9b31076e53f30fb2bbb63adcd54f0f64f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 23:35:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
200937
Expires
Thu, 30 Dec 2021 17:26:21 GMT
1640255354_6952.jpg
newsyou.info/wp-content/uploads/imga6695d8/23-12-21/ 		289 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/imga6695d8/23-12-21/1640255354_6952.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
ebe43817c43c329b2bcf2d0c367782a3085ca9afe0134f56c778be2dfc5bd4d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 23 Dec 2021 10:29:14 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
296043
Expires
Thu, 30 Dec 2021 17:26:21 GMT
%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%9F%D0%B0%D0%B2%D0%BB%D0%B0-%D0%93%D0%BB%D0%BE%D0%B1%D1%8B-%D0%BD%D0%B0-17-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B1%D1%80%D1%8F-2021-%D0%B2%D1%81%D0%B5-%D0...
newsyou.info/wp-content/uploads/2021/12/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%9F%D0%B0%D0%B2%D0%BB%D0%B0-%D0%93%D0%BB%D0%BE%D0%B1%D1%8B-%D0%BD%D0%B0-17-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B1%D1%80%D1%8F-2021-%D0%B2%D1%81%D0%B5-%D0%B7%D0%BD%D0%B0%D0%BA%D0%B8-%D0%B7%D0%BE%D0%B4%D0%B8%D0%B0%D0%BA%D0%B0.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
ed79ab516c86cb0b3da37d48ebca6f7b1f0b979325cb02db26bf5208cf00dbd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 16 Dec 2021 14:33:06 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48264
Expires
Thu, 30 Dec 2021 17:26:21 GMT
197_olya_polyakova2.jpg
newsyou.info/wp-content/uploads/2021/12/ 		189 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/197_olya_polyakova2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
62c9183ace7ffb179b0dcfe1b88a807e6bc9a649eb6dd0936b7ba94528524929

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 20:54:15 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
193201
Expires
Thu, 30 Dec 2021 17:26:21 GMT
40c4bb177b051d9f40ffa69414b2d5e9.jpeg
newsyou.info/wp-content/uploads/2021/12/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/40c4bb177b051d9f40ffa69414b2d5e9.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
8b659f72017df1d6cdc07307be915ec445d7640648eda9f055cffa10dafdc722

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 20:49:10 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72552
Expires
Thu, 30 Dec 2021 17:26:21 GMT
%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9-%D0%B3%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%BD%D0%B0-%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E-%D1%81-13-%D0%BF%D0%BE-19-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B...
newsyou.info/wp-content/uploads/2021/12/ 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9-%D0%B3%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%BD%D0%B0-%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E-%D1%81-13-%D0%BF%D0%BE-19-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B1%D1%80%D1%8F-2021.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
dbe0cf6b50ec23fd38afc516f0b26906780ec018276247a735f51a47a7aa76fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Sat, 11 Dec 2021 02:00:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
187735
Expires
Thu, 30 Dec 2021 17:26:21 GMT
newsyou.info.1024868.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1024868.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad9efa7148c3b033e0430aa47c0d7279c5fb9ae699f34cc794b361bc96171cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
3043
last-modified
Thu, 02 Dec 2021 15:01:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
VJDH08A10XP55WF1
x-amz-id-2
dHzn/3sEgEOM/mEzVYQYC4D8BZGGCpMWn3Vb0dvbCMYhBGNvhecteUF4ctWNa/kXiw9d/LIYuDY=
cf-bgj
minify
server
cloudflare
etag
W/"49a1b7d557a988c4e4f78eb5f865547e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c235309afde5bfd-FRA
expires
Thu, 23 Dec 2021 20:31:35 GMT
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
232955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2695
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-31fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZlIwZhKhq%2BrnbWHGUjV0r6jZmU9uusKldxR0LLQMY62I6ZYq7dN2NS%2F22%2FBJHH8xS46RCwO4aSMjMfirAwyh7Tqrcfl09ZAHhE09tVysogbdo0HJ2CIc%2BuHSkBCSLKgNlqt1cgrt9KJrZ%2BHFl5qqX2j"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c23530968d1c29a-FRA
expires
Tue, 13 Dec 2022 17:31:35 GMT
jquery.fancybox.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		157 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4774769
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32145
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-2739b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sITjXU5918JVmltY6rOuezJLNPuseW3IqmT34BwhRdc2ViT6eWIw2XE%2FCblw7%2FhL1MK4P%2Fyte34KPPuSTtJTxlLoYIDhyCCWBYr2o4X%2B60S4g2BPjeM6Jh6Fmec32y%2FByFX0N9hbMxuyE3fjlwL8Dyaw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c23530968d5c29a-FRA
expires
Tue, 13 Dec 2022 17:31:35 GMT
rotator.js
newsyou.info/wp-content/themes/newsyou/js/ 		207 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/rotator.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
03f2a36140bb0fcd71f5997bef76bcfc187184b0efbd7cfc40dc1143563fb865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:10 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
207
Expires
Thu, 30 Dec 2021 17:26:21 GMT
av.js
ppvesdfiojol.com/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/av.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ae07ae363826bb4478d2028eebbf5b01267fa4afa9af5aec85e00ac13c3e8736

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 09:25:30 GMT
server
nginx
etag
W/"618ce18a-b8fc"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=60
content-type
application/javascript
x-variti-ccr
414630483:1
expires
Thu, 23 Dec 2021 17:32:35 GMT
media
a4p.adpartner.pro/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
7e436efe4ae1cd0ebb3e5fef30ea54de8151e1dfabd9cdc0abe1b87e7b216183

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
truncated
/ Frame 087E 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
sdk.js
connect.facebook.net/ru_RU/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b6d89e3b5fe9105c2adc070949d5b9f61a63700b8227950e4ea732b1c5699519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
76ujLEOM+yzqrjMj0l8b3Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
mb1QizgZStI6UyYQjpaLCzs1H4plBaQzoB/adzdvVELJjovmnYDJ2PXib621HluN/tfmytAWjtpxsSKzasWqbg==
x-fb-trip-id
917726464
x-fb-content-md5
5bbc8fa26995ad49782b4e26ec6e66ae
x-frame-options
DENY
date
Thu, 23 Dec 2021 17:31:35 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3dcaf8b0bf95a7314cc92248bf1559b8"
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:48:38 GMT
b286ae57.js
pxksnymto.ru/pixels/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxksnymto.ru/pixels/b286ae57.js
Requested by
Host: vcmjf535tx.ru
URL: https://vcmjf535tx.ru/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9fd72153ba3e8a36d7e6a93d9bd5acb61f8f1cde905b95955a10761aa7e3636d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
no-store
last-modified
Mon, 20 Dec 2021 09:18:45 GMT
server
nginx/1.18.0
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
index.php
telegram.im/widget-button/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 23 Dec 2021 17:31:34 GMT
Server
nginx
Strict-Transport-Security
max-age=0
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2489&ref=&0.5052496275124998
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
a04eeb1dc4fd30ad1df9388b95522ea4bfce3f72e5f142463ef648af8cad88c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
menu.png
newsyou.info/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/img/menu.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/mainstyle10.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
23c457922f48e6e7385c0f6752ef457269b4e82fe464e643c68c295679ed858a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/mainstyle10.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:32 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2563
Expires
Thu, 30 Dec 2021 17:26:21 GMT
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7460&ref=&0.5533827683819184
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
fdf2f275281389761bd5b701c1e75b132344a8b070ccefe9733411147b92fe54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5876&r=0.8292002494927568
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
09f8513494daccefd2ca18916323b55c8dab5d5f2120cd8f7537f4d32d2366f0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
13245.js
jsn.24smi.net/d/6/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/d/6/13245.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887141ac69ccb8ecfaddb08bf1a9c90e7e29b95e6e922517d3e0361c9cec48da
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
489
etag
W/"6152c8b3-c46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2353098b875b68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:23:26 GMT
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7880&r=0.05347208136752979
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
e2e890ad66dcc4876c25577836c404e0435782f004e2be91f15924957b192322
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
13267.js
jsn.24smi.net/4/0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/4/0/13267.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c204114b876a9686bc7ed4d2cf1c5afb633128d28d9297076c46133531cbae0d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
522
etag
W/"6152c8b3-b81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2353099bc55b68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:22:53 GMT
13248.js
jsn.24smi.net/e/7/ 		2 KB
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/e/7/13248.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fc60c1d200f53aee72e8063192aaa53443dcdd7fc6d77038dbbcad76b5989e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
395
etag
W/"6152c8b3-900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c235309abcc5b68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:25:00 GMT
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7858&ref=&0.6009526551611897
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
3f5ea6a90ab65ffc3ca523059ccc18e2d191462ef7e5aaaf5e77341c7933242b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=6822&r=0.06802958483326327
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
d801b155bd0191d276c94018809350abd09d21462f5171c9890f89a22d35a6c4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI;0.5999624808992787
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI;0.5999624808992787
149 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI;0.5999624808992787
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
9eec64368167047f9d996ee210b6d3bb01980aabadd30d0c9a65c6ed78bbd35e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:47 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
149
Expires
Tue, 22 Dec 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:47 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI;0.5999624808992787
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 22 Dec 2020 21:00:00 GMT
3_3_1.png
i.i.ua/r/
Redirect Chain
  • https://r.i.ua/s?u224079&p264&n0.02044732019028861&c1&d24&w1600&h1200&rnewsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
  • https://i.i.ua/r/3_3_1.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.i.ua/r/3_3_1.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Server
91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
sh02.mi6.kiev.ua
Software
nginx /
Resource Hash
0667c9b68ef073ed98e3e67e7826cb617f7f04d6d253193afda8a8729e63ea3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Last-Modified
Mon, 19 Mar 2007 13:53:49 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1233
Expires
Fri, 23 Dec 2022 17:31:34 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:35 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Location
https://i.i.ua/r/3_3_1.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Expires
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1829
date
Thu, 23 Dec 2021 17:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Dec 2021 19:01:06 GMT
tag.js
mc.yandex.ru/metrika/ 		194 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
last-modified
Thu, 23 Dec 2021 16:10:01 GMT
etag
"61c47529-10765"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
67429
expires
Thu, 23 Dec 2021 18:31:35 GMT
/
ppvesdfiojol.com/ 		83 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
f0f3340fc6c123ddbe3825a916fe5548281cc4cafb8c23ea318a2cb7c28e80ed

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
414630483:2
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
utarget.ru/ranging/00cb2399e4/js/ 		49 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utarget.ru/ranging/00cb2399e4/js/?rand=5004&cookie=0
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
utarget.pro
Software
nginx /
Resource Hash
12d71e219476445955bd90d2e18f31c834c39c11f1214a23abb6983511d861ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Server
nginx
P3P
CP="NON DSP COR CURa TIA"
Vary
Accept-Language, Cookie
Content-Language
ru
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/html; charset=utf-8
6ed056a9.js
pxksnymto.ru/pixels/ 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxksnymto.ru/pixels/6ed056a9.js
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bff6fe2953477c19b112787a90875cba98f8fc5204e4c455fa3a70f700188269

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
no-store
last-modified
Mon, 20 Dec 2021 09:18:45 GMT
server
nginx/1.18.0
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cfg
data.24smi.net/ 		392 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13245&ver=27&pio=true&pps=true&callback=__smiCb1640280695415
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
47c216158f344cc7dfe1f99f290522e2c32b2e6d9c57c5bbc6db290244e0673a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
cfg
data.24smi.net/ 		392 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13267&ver=27&pio=true&pps=true&callback=__smiCb1640280695416
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
f106845da8d75308aa0249515b14b9b221aae3205b375a542d9d394db1c6b19a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
newsyou.info.1146775.es6.js
jsc.mgid.com/n/e/ 		240 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
640326025d71b72e26143c8c6a675e93fe1f91e30546465dd0a66ec79a9423fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
981
last-modified
Thu, 02 Dec 2021 15:50:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
6YY7XMJG5B0FXM6E
x-amz-id-2
FS7rXj34WLuvtkUZ21it+mYswuZvNkX+p9qe+y1DDq2omXJ1ALpy+5nkbP0s/ofO2SWnfXImJ7U=
cf-bgj
minify
server
cloudflare
etag
W/"bc159291689d374b57f73dde254fa617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c23530aea173bda-CDG
expires
Thu, 23 Dec 2021 20:31:35 GMT
newsyou.info.1024868.es6.js
jsc.mgid.com/n/e/ 		241 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1024868.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3117ef8de99c385baec23e1ff509a1cbdb1efec22548af8218108e58a9669216

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
981
last-modified
Thu, 02 Dec 2021 15:01:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
EKNC2B056DVH381Q
x-amz-id-2
YoWbhVXUKecBzFeX+qTy0G0/QGN72sA2N5Hh7rsY2eelGDMKodHQNpiElPqbCwXtXt6ehycXwoE=
cf-bgj
minify
server
cloudflare
etag
W/"04e832b814fb49973f6ea86d571d84a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c23530aea1a3bda-CDG
expires
Thu, 23 Dec 2021 20:31:35 GMT
newsyou.info.1122348.es6.js
jsc.mgid.com/n/e/ 		239 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
981
last-modified
Thu, 02 Dec 2021 15:43:24 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
RC20466EQDSMKB74
x-amz-id-2
wjLf5GDA4qP53hmCzSKeiCACTuV3faSjipVI7ZK729oaeXQf2DBL7mbyK8HhIkpzM1cZE/a+lHo=
cf-bgj
minify
server
cloudflare
etag
W/"3549c59b252a1dff4f0ed90218a6b365"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c23530aea1c3bda-CDG
expires
Thu, 23 Dec 2021 20:31:35 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		276 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101734
x-xss-protection
0
server
cafe
etag
4507154694380913909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 47F3 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 22 Dec 2021 18:37:20 GMT
expires
Wed, 05 Jan 2022 18:37:20 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
82455
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
z
s.zmctrack.net/ Frame 6EC2 		52 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
3a2eec023adc8c05274eed54b4443f2a95502bba843fe0685313d992785f7c6e

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23804
expires
Thu, 01 Jan 1970 00:00:01 GMT
sdk.js
connect.facebook.net/ru_RU/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=323e44a776a35b938ef778f7b07c4abb
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dfe0de6e117fe3ddc32d7d5bc796bc279a336a4a70f8236eb9a45f743fad8e6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ouSOhGqWrq1gLIRWEWoFtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83502
x-fb-rlafr
0
x-fb-debug
+w6H3y6SWOasClU026hZjcZFkCXtTMnfLNqDzyc4Eo1d4jyQuy9gdiDON2UVRMS0k708t/ARCb9hfFCzJu0A3g==
x-fb-content-md5
c405d8e17f05f0fab437c33328c1ec1d
x-frame-options
DENY
date
Thu, 23 Dec 2021 17:31:35 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8c7705cd52a9f12346363f47a8f0b964"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Dec 2022 16:56:14 GMT
cfg
data.24smi.net/ 		392 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13248&ver=27&pio=true&pps=true&callback=__smiCb1640280695417
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
242e12dd8722129c0bf03c800bef65a20622fcaf13b1edda1c2102315fdbdaa6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
d60c1733aa08b9c-1635069053.jpg
ppvesdfiojol.com/upload/202110/7b1bc6dcdc3764e8/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202110/7b1bc6dcdc3764e8/d60c1733aa08b9c-1635069053.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed5a11894c21c008675badc52c7d06a2b7c37789074ea71fad33c3f449048d1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Sun, 24 Oct 2021 09:50:53 GMT
server
nginx
etag
"61752c7d-294c"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
10572
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
414630483:3
65f0be96ec82bfb-1640125395.jpg
ppvesdfiojol.com/upload/202112/0b43bcd0f0435025/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/0b43bcd0f0435025/65f0be96ec82bfb-1640125395.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
1ed1d1cb8623bf3167e5cbb2b7c30b8d26f243976ee9f6788d34a4e4b2de3d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Tue, 21 Dec 2021 22:23:15 GMT
server
nginx
etag
"61c253d3-462e"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
17966
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
414630483:4
0e278e7063abb76-1640126863.jpg
ppvesdfiojol.com/upload/202112/a16f7ae21631798b/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/a16f7ae21631798b/0e278e7063abb76-1640126863.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
c29fb37699996df1d4eb577635c7e9a2b159abf4e95fd99101ddd20f421f5d63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Tue, 21 Dec 2021 22:47:43 GMT
server
nginx
etag
"61c2598f-462a"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
17962
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
414630483:5
b5f36d7de5b31f8-1639937121.jpg
ppvesdfiojol.com/upload/202112/6db5449f752873ab/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/6db5449f752873ab/b5f36d7de5b31f8-1639937121.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e75ed43041906d7a1a30057773711c90085183a5f4563f5279cfb0519a3c4ed8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Sun, 19 Dec 2021 18:05:21 GMT
server
nginx
etag
"61bf7461-5162"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
20834
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
414630483:6
98ab4c48038f0a7-1640127212.jpg
ppvesdfiojol.com/upload/202112/0e6e377b1b020881/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/0e6e377b1b020881/98ab4c48038f0a7-1640127212.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
2792408224dde6373f1778228a05505a2a36913137c920af418594c08133fd0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Tue, 21 Dec 2021 22:53:32 GMT
server
nginx
etag
"61c25aec-376e"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
14190
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
414630483:7
cfg
data.24smi.net/ 		391 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=14482&ver=27&pio=true&pps=true&callback=__smiCb1640280695418
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
8733b39a436446087849b1973adc5f9b17b022b9221a7923fa6cb7d8ba457796
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
no-store
server
nginx
content-length
391
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
media.min.js
a4p.adpartner.pro/apstc/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.397
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
no-store no-transform
last-modified
Thu, 16 Dec 2021 14:29:41 GMT
server
nginx
content-encoding
br
etag
W/"61bb4d55-3ac0"
content-type
application/javascript
ls
a4p.adpartner.pro/media/ Frame F91C 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e5163e6cd7d935002ad61d64f98cf1d9250ee6b235b496d1799321e9de2255fc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:35 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
ls
a4p.adpartner.pro/jsunit/ Frame 3F57 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&width=610&screen_width=1600&reload_count=0&banner_num=1640280695365642665&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7460&ref=&0.5533827683819184
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
b667e8d278dfc8346665794b68b46193d5dec23f6702097f38af1d10d04cd1b6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:35 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
ls
a4p.adpartner.pro/jsunit/ Frame AFC1 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&width=610&screen_width=1600&reload_count=0&banner_num=1640280695364180726&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=2489&ref=&0.5052496275124998
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
d7d3a1f1d411bc17aa4e2746644c556f941b7959c0ad85627970504f133b02c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:35 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
widget-button.css.php
telegram.im/widget-button/ 		2 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/widget-button.css.php
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:34 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0
fonts.css
telegram.im/widget-button/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/fonts.css
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 09:05:17 GMT
Server
nginx
ETag
W/"58b29a4d-f47"
Strict-Transport-Security
max-age=0
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 30 Dec 2021 17:31:34 GMT
style.css
telegram.im/widget-button/ico/ 		1 KB
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/ico/style.css
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 09:02:08 GMT
Server
nginx
ETag
W/"58b29990-42b"
Strict-Transport-Security
max-age=0
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 30 Dec 2021 17:31:34 GMT
WidgetTelegramButton.min.js
telegram.im/widget-button/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/WidgetTelegramButton.min.js
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 21:40:46 GMT
Server
nginx
ETag
W/"58b34b5e-c56c"
Strict-Transport-Security
max-age=0
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 30 Dec 2021 17:31:34 GMT
ls
a4p.adpartner.pro/jsunit/ Frame 7C45 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7882&shown=&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&width=300&screen_width=1600&reload_count=0&banner_num=1640280695412584313&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7858&ref=&0.6009526551611897
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
58925535004c94a4a2223eb1b67e2163dc73b3923bd7aea43314dacf2b131f53

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:35 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2126856665&t=pageview&_s=1&dl=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%82%D0%B8%D1%82%20%D1%81%D1%80%D0%BE%D0%BA%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D1%8F%20COVID-%D1%81%D0%B5%D1%80%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%BF%D1%80%D0%B8%D0%B2%D0%B8%D0%B2%D0%BA%D0%B8%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=899131674&gjid=450894755&cid=1593547459.1640280696&tid=UA-80712032-1&_gid=1288027217.1640280696&_r=1&_slc=1&z=1234877294
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsyou.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1280.js
jsn.24smi.net/d/6/13245/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/d/6/13245/1280.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8bcbffbb8d6c67382224ce3dcc606693d1ffe08545805c167be22f9f0ab12fa
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:30:49 GMT
server
cloudflare
age
38
etag
W/"61c4b249-13f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c23530c2cf3374f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:57 GMT
/
utarget.ru/is_clickunder/ 		16 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://utarget.ru/is_clickunder/
Requested by
Host: utarget.ru
URL: https://utarget.ru/ranging/00cb2399e4/js/?rand=5004&cookie=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
utarget.pro
Software
nginx /
Resource Hash
fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Vary
Cookie, Accept-Language
Content-Language
ru
pclicks.js
prodmp.ru/ 		0
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks.js
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.95.134 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/javascript
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
npm-monitoring
openfpcdn.io/fingerprintjs/v3.3.1/ 		0
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3.3.1/npm-monitoring
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:59:30 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Wed, 08 Dec 2021 08:59:30 GMT
server
CloudFront
age
1326725
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=590808, s-maxage=30310003
x-amz-cf-pop
FRA50-C1
content-length
0
x-amz-cf-id
7qC1gFuF8qFopWa_2_rzr4biH6vu9ClK1KolKXRLvA9G97-ZBjtoLw==
1282.js
jsn.24smi.net/e/7/13248/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/e/7/13248/1282.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
417fd63c23a7c6e249b54002e965c6d3eda19e06b84a4ae80e226021ed2ac9a6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:30:49 GMT
server
cloudflare
age
38
etag
W/"61c4b249-11b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c23530c9dd9374f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:57 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9496.wkUzkPRsiYV2_LS-X9syj_T-S3GYobDAPscKNbv537OlkL7uM73Pc430CNt_zZ2j.Wh_JZoiJ3nMxyE_XC68agxay5w0%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9496.coEI-2ugugLs84RcFn1BhR3PEAf42Itc9lCAaekhhF0pSz83LZAAbh0aqktLQHOgv8SC_Afs3qhG9DYIF2PSvQ%2C%2C.AzC1K3q1FMiTPmWzuKKcpXhiHgk%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9496.coEI-2ugugLs84RcFn1BhR3PEAf42Itc9lCAaekhhF0pSz83LZAAbh0aqktLQHOgv8SC_Afs3qhG9DYIF2PSvQ%2C%2C.AzC1K3q1FMiTPmWzuKKcpXhiHgk%2C
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9496.coEI-2ugugLs84RcFn1BhR3PEAf42Itc9lCAaekhhF0pSz83LZAAbh0aqktLQHOgv8SC_Afs3qhG9DYIF2PSvQ%2C%2C.AzC1K3q1FMiTPmWzuKKcpXhiHgk%2C
date
Thu, 23 Dec 2021 17:31:36 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1281.js
jsn.24smi.net/4/0/13267/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/4/0/13267/1281.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30711901769b5fad09214da2177589c15425a1748c77d332334fd15ed7859b9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:30:49 GMT
server
cloudflare
age
38
etag
W/"61c4b249-118a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c23530d4f8e374f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:57 GMT
render
ocmurc.com/v1/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=4915c0f6-c42b-467a-a7cd-d03bf2f230ec&referrer=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&page_load_uuid=d0290f47-6b1d-4e91-91d7-8261634750b2&page_depth=1&x71sjf34web=5eca6fba-9cbb-4f45-9572-32cf84077d45&block_uuid=5eca6fba-9cbb-4f45-9572-32cf84077d45&refresh_depth=1&safari_multiple_request=456
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
19fabcb0c85f2f3f1377cda2ddbaf8ec0144d5cfa1c9406d5956a5ec71c361a0

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=4915c0f6-c42b-467a-a7cd-d03bf2f230ec&referrer=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&page_load_uuid=d0290f47-6b1d-4e91-91d7-8261634750b2&page_depth=1&x71sjf34web=3547ed36-7c1a-4c24-ba38-9664321b8855&block_uuid=3547ed36-7c1a-4c24-ba38-9664321b8855&refresh_depth=1&safari_multiple_request=13
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
18c65977e5b2bcb651d79ad554ad42a8fa27f6a598a9a26718075d188e2d7d08

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=4915c0f6-c42b-467a-a7cd-d03bf2f230ec&referrer=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&page_load_uuid=d0290f47-6b1d-4e91-91d7-8261634750b2&page_depth=1&x71sjf34web=1005d6d5-8587-4044-84b7-f49ce1b590da&block_uuid=1005d6d5-8587-4044-84b7-f49ce1b590da&refresh_depth=1&safari_multiple_request=627
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e18203607d02d9989274d62de14465c358a7e4304c7e6ae38c51defcf33b8811

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=4915c0f6-c42b-467a-a7cd-d03bf2f230ec&referrer=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&page_load_uuid=d0290f47-6b1d-4e91-91d7-8261634750b2&page_depth=1&x71sjf34web=c0a8ed84-a54b-489b-89d5-0615217d2847&block_uuid=c0a8ed84-a54b-489b-89d5-0615217d2847&refresh_depth=1&safari_multiple_request=467
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
c93d5f73d08ffaf9abb1a09408e8f1e4bf46c9c4fb3615e6b05e22f33ecbf9d5

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=4915c0f6-c42b-467a-a7cd-d03bf2f230ec&referrer=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&page_load_uuid=d0290f47-6b1d-4e91-91d7-8261634750b2&page_depth=1&x71sjf34web=3c625efe-9cd7-4984-b8ff-0ac328698b2c&block_uuid=3c625efe-9cd7-4984-b8ff-0ac328698b2c&refresh_depth=1&safari_multiple_request=10
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5d1b880ef89f71d5c065d0f47aef201e33c264240d37188da26318fbbbb5ffb3

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
cookie.js
partner.googleadservices.com/gampad/ 		216 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=newsyou.info&callback=_gfp_s_&client=ca-pub-5994697028380609
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
b3d51febc76d9c9cea5a7d40b91f61b90849ebc62f33736965635645bfe0dad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 630B 		30 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&adk=1812271804&adf=1573534164&lmt=1640280695&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695481&bpp=3&bdt=747&idt=484&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7854390752414&frm=20&pv=2&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=504
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e42b623b75e0d7c984a464fa69cba9fa06050d9ab5b81c36848d2370b39f0d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:36 GMT
server
cafe
content-length
6322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
private
/
loadercdn.net/ 		0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=22f5932b2c84f624&d=newsyou.info
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
server
openresty
npm-monitoring
openfpcdn.io/fingerprintjs/v3.3.1/ 		0
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3.3.1/npm-monitoring
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:59:30 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Wed, 08 Dec 2021 08:59:30 GMT
server
CloudFront
age
1326726
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=590808, s-maxage=30310003
x-amz-cf-pop
FRA50-C1
content-length
0
x-amz-cf-id
8IW_uvKHPYt-k8e81ghDKlXu5q8_tFGLRZcc84UKXzHcEgffR1JtUQ==
advert.gif
mc.yandex.com/metrika/ 		43 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 16:10:01 GMT
etag
"61c47529-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 23 Dec 2021 18:31:36 GMT
783.js
jsn.24smi.net/b/0/14482/ 		54 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/b/0/14482/783.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7dea60fa923ab7d7120f0c2e05888e781939006d0777b63ef9148ebdd623f2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:30:26 GMT
server
cloudflare
age
39
etag
W/"61c4b232-d62c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c23530efb05374f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:57 GMT
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=13977&f=2&ref=https%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&gw=610&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
fbf349f19615afdff2553d69fadec7df40fb8c78e1340ce515c6d4108faa55b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
/
m.mixadvert.com/show/load/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=5876&id_name=AoNiQ&teaser_name=pSyqyoy&block_name=hyFqhp&ban_teaser=&r=0.16362819798311778&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5876&r=0.8292002494927568
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
bef85c203e1a4b34bbf59056e87f69126fa458a3fa652a17c1780acb51e8d390
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
ads
googleads.g.doubleclick.net/pagead/ Frame F371 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
793efe1cc1e83c8fca81379345e9839522e2d30f20cd5ab67cb3058e1a0d259e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:36 GMT
server
cafe
content-length
11325
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
private
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:03:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:36 GMT
d0b61c3202891e61.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/d0b61c3202891e61.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
ebf831c917cc19797fad0a9243ad955a1f6e57183ad27c2ac123cecb29782bd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 12:55:04 GMT
server
nginx/1.14.2
etag
"61c32028-7445"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
29765
d0b61c44d55a756a.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/c36d16a932074f478b94dfa1b7357b64/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/c36d16a932074f478b94dfa1b7357b64/d0b61c44d55a756a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
ba07a6fa7d7cc4f6b5b28a85169014124073cd45e8673785154d9710624acbc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 10:20:05 GMT
server
nginx/1.14.2
etag
"61c44d55-5029"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20521
d0b61c31fec1322d.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/d0b61c31fec1322d.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
3d86ea1a91933592bc9f2aa122fdf67bff0e2ce2c79f548739c4d2e96ac5553e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 12:54:04 GMT
server
nginx/1.14.2
etag
"61c31fec-ab84"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
43908
d0b6115360bf1f86.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/dc7ecd7351ae49748f1e78fa144f3195/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/dc7ecd7351ae49748f1e78fa144f3195/d0b6115360bf1f86.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
6eb1d97374d7d109c419a5b5d30eb49e6e57095ceea9e60945301a0d359b32cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 12 Aug 2021 14:54:03 GMT
server
nginx/1.14.2
etag
"6115360b-4030"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
16432
d0b61b090eba3593.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/75d0dbb9fb5845d9830cc073c4e37616/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/75d0dbb9fb5845d9830cc073c4e37616/d0b61b090eba3593.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5cd40fe604b58b6d0f2fd44e5fcc9423a943051aedfc3d44aeac6612dd7e2050

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 08 Dec 2021 11:03:07 GMT
server
nginx/1.14.2
etag
"61b090eb-4f0d"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20237
d0b61c32063a6c1b.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/d0b61c32063a6c1b.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8773f887e6d0472f166df5c8d38f43a81ac55d5174ebdd9f5d9fb6e53961fa8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 12:56:03 GMT
server
nginx/1.14.2
etag
"61c32063-8720"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
34592
d0b61b8fbc068836.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/d0b61b8fbc068836.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
28c3b24f87d5f92b9674f8f01f11fb31a3e68538ea483ac9812986bb8b8d9294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Tue, 14 Dec 2021 20:17:04 GMT
server
nginx/1.14.2
etag
"61b8fbc0-5ece"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
24270
d0b611535d09ed40.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/ad636d96e673415e90d489e332995bf1/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/ad636d96e673415e90d489e332995bf1/d0b611535d09ed40.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
25518d2c841e59dec58e64b57333fbd2640ace7042fe584dc19649690e14272f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 12 Aug 2021 14:53:04 GMT
server
nginx/1.14.2
etag
"611535d0-4a58"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
19032
d0b61b090e7753d9.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/d30aecdcb0ef4d4f962ae020b2a50c4b/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/d30aecdcb0ef4d4f962ae020b2a50c4b/d0b61b090e7753d9.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f054bf0870f8a7262d7c6a7c35cb1ceb67823f501c4bf19b8389849fe3cf9838

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 08 Dec 2021 11:03:03 GMT
server
nginx/1.14.2
etag
"61b090e7-5f94"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
24468
d0b6182b6785e11d.jpeg
ocmurc.com/.cdn/05a5cf/6512bd/2fa32ae2c78a49de93dbab7a8a3f5f89/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/6512bd/2fa32ae2c78a49de93dbab7a8a3f5f89/d0b6182b6785e11d.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
cd919786e58a29bed6ae038fd3e7f514232525798fc80a3d1127a5d6c5c103f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 03 Nov 2021 16:19:04 GMT
server
nginx/1.14.2
etag
"6182b678-5021"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20513
zaglushka-center.php
newsyou.info/wp-content/themes/newsyou/ads/ Frame 1180
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11...
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
199219a286886204cb63366914c6e1e1a29cae3626805565499868d088ace98c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
nginx/1.2.1
Date
Thu, 23 Dec 2021 17:26:22 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1157
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ Frame F91C 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1830
date
Thu, 23 Dec 2021 17:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Dec 2021 19:01:06 GMT
media
a4p.adpartner.pro/ Frame F91C 		1 KB
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=5555&session_id=762c8757-596f-4ba1-a66b-4a782956af47&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
bc66ad27783be70669b8c4b460c063c26fd9ed92817677bf450bde49eb2bfbb5

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
jsunit
a4p.adpartner.pro/ Frame 3F57 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1640280695365642665&id=7460&is_in_viewport=0&ref=&reload_count=0&session_id=762c8757-596f-4ba1-a66b-4a782956af47&session_pageview=1&shown=&site_visited=1&unit_id=7460
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&width=610&screen_width=1600&reload_count=0&banner_num=1640280695365642665&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
c91cae9b3221f9c663c1e10d7f5d483fd4bfba33c7b480014ef85ea00011d755

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&width=610&screen_width=1600&reload_count=0&banner_num=1640280695365642665&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ Frame AFC1 		29 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1640280695364180726&id=2489&is_in_viewport=0&ref=&reload_count=0&session_id=762c8757-596f-4ba1-a66b-4a782956af47&session_pageview=1&shown=&site_visited=1&unit_id=2489
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&width=610&screen_width=1600&reload_count=0&banner_num=1640280695364180726&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
c9cea1b7c38f1c93b922c5ee7219f6fd2e82a8934671c6fea4ec1806d60f1daa

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&width=610&screen_width=1600&reload_count=0&banner_num=1640280695364180726&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ Frame 7C45 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1640280695412584313&id=7858&is_in_viewport=0&ref=&reload_count=0&session_id=762c8757-596f-4ba1-a66b-4a782956af47&session_pageview=1&shown=&site_visited=1&unit_id=7882
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7882&shown=&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&width=300&screen_width=1600&reload_count=0&banner_num=1640280695412584313&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
f871c8d6424aa5a8530ea92821770a3d5978c65b57991c8715f6a271f9237136

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7882&shown=&session_pageview=1&session_id=762c8757-596f-4ba1-a66b-4a782956af47&site_visited=1&apuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7&width=300&screen_width=1600&reload_count=0&banner_num=1640280695412584313&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
d036194a92f9d668.jpeg
ocmurc.com/.cdn/05a5cf/6512bd/ceb3ec894cca4652b4d301451afb1856/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/6512bd/ceb3ec894cca4652b4d301451afb1856/d036194a92f9d668.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5fe718a3f71d796a8c839f91b9a26cf201757f1d2a6e77cf24d553f60302ed24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 17 Nov 2021 07:03:11 GMT
server
nginx/1.14.2
etag
"6194a92f-3b2a"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
15146
d0361c451c7c126a.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/a175fc7379634446b2371aef5f13243a/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/a175fc7379634446b2371aef5f13243a/d0361c451c7c126a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
adc8fc28b66827d96a76ac5be9c44ccea9d61249418820bedd9092c16775ac3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 10:39:03 GMT
server
nginx/1.14.2
etag
"61c451c7-478e"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
18318
telegramimfont.ttf
telegram.im/widget-button/ico/fonts/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/ico/fonts/telegramimfont.ttf?7b24fo
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/ico/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e

Request headers

Referer
https://telegram.im/widget-button/ico/style.css
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Last-Modified
Sun, 26 Feb 2017 09:02:02 GMT
Server
nginx
ETag
"58b2998a-59c"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1436
z
s.zmctrack.net/ Frame 9752 		102 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
77d8eff429a1fed25ca79b8a2de7ee537e20a422cf8e8ca765662ae69c207747

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
d0361b059e260257.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/320c0552d1cb4ff0a14f70fdacd5b628/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/320c0552d1cb4ff0a14f70fdacd5b628/d0361b059e260257.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
0f9e8ffa88978c4377a04f322ae1f5ad545c4af9de4477e0bcf5a5d1a6485d38

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 08 Dec 2021 07:08:18 GMT
server
nginx/1.14.2
etag
"61b059e2-3122"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
12578
d0361c4502a258e1.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/26097f1d9161463f99d3d3ec66eada45/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/26097f1d9161463f99d3d3ec66eada45/d0361c4502a258e1.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
b961ec166a7ac458d9446ac0d639896f10dbffaed7b9155808c7045aad8d2ccd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 10:32:10 GMT
server
nginx/1.14.2
etag
"61c4502a-84ef"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
34031
d0b61b896f8257bc.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/03388beaebee41d99dd9101ed5f4931e/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/03388beaebee41d99dd9101ed5f4931e/d0b61b896f8257bc.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1ec53179a71bb19d3bdec146371021485e5a26ea598ad52816bbc4a9bb5afb27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Tue, 14 Dec 2021 13:07:04 GMT
server
nginx/1.14.2
etag
"61b896f8-3adc"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
15068
d0b611d0a3a2edd5.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/ef34f7f1d29449029f4cded922edb743/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/ef34f7f1d29449029f4cded922edb743/d0b611d0a3a2edd5.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d5dc3810d345b69ede6455734f4efcd13ed56b902668192e7d2004c171591a8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 18 Aug 2021 13:25:14 GMT
server
nginx/1.14.2
etag
"611d0a3a-43c1"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
17345
d0b61add90bc4bec.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/b4bbd717686441f8bd0711295baf6767/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/b4bbd717686441f8bd0711295baf6767/d0b61add90bc4bec.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
7aa01b65ddab63af081b179c28164c663a40e042b2ba1fed2644ee6f9d2a211d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Mon, 06 Dec 2021 09:34:03 GMT
server
nginx/1.14.2
etag
"61add90b-5656"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
22102
d0b61af169fdc6a8.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/c8fa0c5c8e4f49b3b238d7b9b5989cce/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/c8fa0c5c8e4f49b3b238d7b9b5989cce/d0b61af169fdc6a8.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d451478e68967318296d36228990231513bc7f5e5de8c11d825f8061a4e5e6cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Tue, 07 Dec 2021 08:09:03 GMT
server
nginx/1.14.2
etag
"61af169f-5679"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
22137
d0b61c2e553d3604.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/43a4e8a781774112bc663e68d4c62816/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/43a4e8a781774112bc663e68d4c62816/d0b61c2e553d3604.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8a54678a170753e895ffbe8235a0beef8349dd7e116ee31c1f1da75d7dac9463

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 08:44:03 GMT
server
nginx/1.14.2
etag
"61c2e553-467e"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
18046
d0b61b085e3ce442.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/884fa888eac744b596737050d32fc061/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/884fa888eac744b596737050d32fc061/d0b61b085e3ce442.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
986036fffea7b52937718badd063cc28a6da29792e6df5c0176b302008928381

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 08 Dec 2021 10:16:03 GMT
server
nginx/1.14.2
etag
"61b085e3-62a8"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
25256
d0b61b096109f84d.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/a3f02c1fb1604939859cf07ddca7a555/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/a3f02c1fb1604939859cf07ddca7a555/d0b61b096109f84d.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
28d4bd1f035e957aaa00531c44df5cf7b802ae9235261ed370510fdd1743a52b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 08 Dec 2021 11:25:04 GMT
server
nginx/1.14.2
etag
"61b09610-4431"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
17457
d0b611d0a35a6fac.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/4f250b41093144cdb2190c2a78e9a259/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/4f250b41093144cdb2190c2a78e9a259/d0b611d0a35a6fac.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
138bec58cfd65720c14272d5aed343b949207725edd5f676bdcd9bb092c963f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 18 Aug 2021 13:25:09 GMT
server
nginx/1.14.2
etag
"611d0a35-2f35"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
12085
d0b6115364870ce2.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/49e51e77a95f44439191d8ff8e999515/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/49e51e77a95f44439191d8ff8e999515/d0b6115364870ce2.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f3039063bdeeddc487f9a6e8f625e1a10c8a37ec37e2707a3a3835aba0fc8686

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 12 Aug 2021 14:55:04 GMT
server
nginx/1.14.2
etag
"61153648-4b6a"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
19306
d0b61c2e5968235f.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/6a162bfd1b0e480689a279dd892aa187/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/6a162bfd1b0e480689a279dd892aa187/d0b61c2e5968235f.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
c9af752bbb8158660879cf030c3a9ce8bdbf74c7c6bcf82ba7c7cd931474e05b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 08:45:10 GMT
server
nginx/1.14.2
etag
"61c2e596-4c53"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
19539
d0b61c2d8700aace.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/888203113861444b9679fd18ac98f999/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/888203113861444b9679fd18ac98f999/d0b61c2d8700aace.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
424aa5d6844796ddc6b5deb89c4da73c6463a298f804a92aae88d7bac40e5e68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 07:49:04 GMT
server
nginx/1.14.2
etag
"61c2d870-578c"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
22412
view.php
ppvesdfiojol.com/ 		2 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/view.php
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
414630483:8
expires
Thu, 19 Nov 1981 08:52:00 GMT
css2
fonts.googleapis.com/ 		6 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 15:42:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:36 GMT
css2
fonts.googleapis.com/ 		5 KB
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1940b7ca414417d344c0a3f22e2cb27873b399224c321d4bb3c38862e543a1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:16:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:36 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 20:07:55 GMT
x-content-type-options
nosniff
age
163421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 20:07:55 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 20:14:30 GMT
x-content-type-options
nosniff
age
76626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 20:14:30 GMT
zaglushka-bottom.php
newsyou.info/wp-content/themes/newsyou/ads/ Frame 901E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&...
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-bottom.php
418 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-bottom.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
2b22663191117dd852ca5c946b8351fdd2bbdcd6d6d7a70d89d698e5dae14638

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
nginx/1.2.1
Date
Thu, 23 Dec 2021 17:26:23 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
245
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-bottom.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zaglushka-center.php
newsyou.info/wp-content/themes/newsyou/ads/ Frame 5C84
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11...
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
199219a286886204cb63366914c6e1e1a29cae3626805565499868d088ace98c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
nginx/1.2.1
Date
Thu, 23 Dec 2021 17:26:23 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1157
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame BF42 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246885_74e93c3d2a.jpg
zn3.2xclick.ru/img/400x400/885/ Frame BF42 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/885/1246885_74e93c3d2a.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
d413187e7fd42a10ac03e4b166868be0fc8d0f38ed81e354de3f5176a29ef990

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 16:43:07 GMT
Server
nginx
ETag
"61c4a71b-7032"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
28722
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246658_0b9d7dee25.jpg
zn3.2xclick.ru/img/400x400/658/ Frame BF42 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/658/1246658_0b9d7dee25.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
ccd0d28962618c48f75fc894dde961d87f9bf9c1a45ed23e0ffc27eabcad7bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 12:06:42 GMT
Server
nginx
ETag
"61c46652-aafb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
43771
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246215_a759d52860.jpg
zn3.2xclick.ru/img/400x400/215/ Frame BF42 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/215/1246215_a759d52860.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
3504a8a26e685ad04cd1fe2574629e035f290b23777f893eae5967a4367361ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 22 Dec 2021 19:54:14 GMT
Server
nginx
ETag
"61c38266-6301"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
25345
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&tizer_id=13977&r=0.21656507949252757
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-type
image/gif; charset=windows-1251
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84d565061e82749bb38cc4a7c70297d3bf134a3074aff197428cb143ba75cacd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
38170-438578-259.jpg
i.mixadvert.com/8174/38170/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438578-259.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
06f30235522cd456e8b6d72ee66ae4897d07afdf3df24cf30121714a793e2157
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Tue, 30 Nov 2021 11:29:43 GMT
Server
nginx/1.12.1
ETag
"61a60b27-5d4c"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23884
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438579-KGr.jpg
i.mixadvert.com/8174/38170/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438579-KGr.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
321456ef8ddd049980ddcee8a96bc9892d8d17e8e0eee70221b1f756f09f000b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Tue, 30 Nov 2021 11:30:40 GMT
Server
nginx/1.12.1
ETag
"61a60b60-4b0f"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19215
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438575-5yf.jpg
i.mixadvert.com/8174/38170/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438575-5yf.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
5b185dd40d4ba895e3f8afae356188fdc6d199d58c0b8488c78017e1ab678807
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Tue, 30 Nov 2021 11:27:51 GMT
Server
nginx/1.12.1
ETag
"61a60ab7-62ef"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25327
Expires
Thu, 31 Dec 2037 23:55:55 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F371 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F371 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F371 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:28 GMT
block_head.png
mixadvert.com/images/logo/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/images/logo/block_head.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.site.badvps.com
Software
nginx/1.12.1 /
Resource Hash
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Fri, 17 Jul 2020 13:11:36 GMT
Server
nginx/1.12.1
ETag
"5f11a388-53bf"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21439
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 11:14:45 GMT
x-content-type-options
nosniff
age
195412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 11:14:45 GMT
1
mc.yandex.com/watch/44453875/
Redirect Chain
  • https://mc.yandex.com/watch/44453875?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&charset=utf-8&browser-info=pv%3A1%3Ag...
  • https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&charset=utf-8&browser-info=pv%3A1%3...
350 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1637%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A586103880548%3Ahid%3A448144870%3Az%3A0%3Ai%3A20211223173135%3Aet%3A1640280696%3Ac%3A1%3Arn%3A911164148%3Arqn%3A1%3Au%3A1640280696124460632%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280693660%3Ads%3A0%2C168%2C787%2C41%2C0%2C0%2C%2C602%2C13%2C%2C%2C%2C1676%3Adsn%3A0%2C168%2C787%2C41%2C0%2C0%2C%2C564%2C13%2C%2C%2C%2C1676%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280697%3At%3A%D0%9F%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%82%D0%B8%D1%82%20%D1%81%D1%80%D0%BE%D0%BA%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D1%8F%20COVID-%D1%81%D0%B5%D1%80%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%BF%D1%80%D0%B8%D0%B2%D0%B8%D0%B2%D0%BA%D0%B8%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f2414ab12452cc03536f57825be35dc826d99280686ba47b325cfa9cd8e1bd59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 23-Dec-2021 17:31:37 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Thu, 23-Dec-2021 17:31:37 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23-Dec-2021 17:31:37 GMT
location
/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1637%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A586103880548%3Ahid%3A448144870%3Az%3A0%3Ai%3A20211223173135%3Aet%3A1640280696%3Ac%3A1%3Arn%3A911164148%3Arqn%3A1%3Au%3A1640280696124460632%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280693660%3Ads%3A0%2C168%2C787%2C41%2C0%2C0%2C%2C602%2C13%2C%2C%2C%2C1676%3Adsn%3A0%2C168%2C787%2C41%2C0%2C0%2C%2C564%2C13%2C%2C%2C%2C1676%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280697%3At%3A%D0%9F%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%82%D0%B8%D1%82%20%D1%81%D1%80%D0%BE%D0%BA%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D1%8F%20COVID-%D1%81%D0%B5%D1%80%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%BF%D1%80%D0%B8%D0%B2%D0%B8%D0%B2%D0%BA%D0%B8%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://newsyou.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 23-Dec-2021 17:31:37 GMT
close.gif
newsyou.info/img/ 		83 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/img/close.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/mainstyle10.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
4753f90bdfdad30a348172526d878688da5f17f2798d68349c1e361114ce8378

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/mainstyle10.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:22 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:32 GMT
Server
nginx/1.2.1
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83
Expires
Thu, 30 Dec 2021 17:26:22 GMT
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=212162&f=2&ref=https%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&gw=610&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
058bd9f2bcfaff98963aa6cea5fb5330d87c59fd30600528df5676750b6350da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 07D9 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695489&bpp=1&bdt=755&idt=1537&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nXZClrkDxX&p=https%3A//newsyou.info&dtd=1543
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2ea552834d59f3629069e4233f30d3ec0a1fd9fa193a9872f79beec51867d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
10126
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
m.mixadvert.com/show/load/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=6822&id_name=HzdGD&teaser_name=ZcjRDAk&block_name=olnGAN&ban_teaser=438578,438579,438575&r=0.13113946250562591&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=6822&r=0.06802958483326327
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
15963286a88918c535d0a7a2c9bf04b9113cac7ad895ab8070c63b5763861a09
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
adview
googleads.g.doubleclick.net/pagead/ Frame F371 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFjv8eLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEhgJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnGxzWPIxKc9Uk7PTbzNclNXLuvegvkhBsa6Q9EqZ9_eFDR9aFOnIgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=bn5xkOeiPK0&uach_m=[UACH]&cid=CAQSKQCNIrLMc5eQ1f16fcvMiZWxPgSEFJ1sRlpAMx_Q2AyQaPPaSSqKrSQzGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame F371 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEcz6RMQEmAKdg2ICAgAAALzSAiuWZaj2EHeyxGH5N1rROh6ZpMeW0QAS&wp=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
Kestrel
server-processing-duration-in-ticks
207532
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1BEA 		169 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
11f42e9915b154d5c6b413830e43e331562a3d6fd1dcbba395b21bf64c28d398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=NoLbqdua4j8TotWV4RCBNZBBkOE2JlwGD3g61VTK5-XQ928OQhfD9QAFTHdTKSpnm-EcX-h_3M-aLHDe7fsz-sCAvgoGezrFiXVM_U1969PpgX1b0txVonP1L1Sir79w2H74NGlAONukfF0o6tsr3xB3SP8OwyA4m6brdMenLCtDi9WPXLe23b52IZZSl420jrjyldxb9bUnpS-R-O_MbarduvRaobYWn41IHfSxuVlddjMD7sHX5b3qBUUBObK41wQrEw"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
99086559
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 582C 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14725
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame F2C9 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695490&bpp=1&bdt=756&idt=1620&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=bUQMCViwI5&p=https%3A//newsyou.info&dtd=1632
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a077de71def62bda94d78d94c47d1ef808b181f7ac824de9d0d835f169cb5bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
10007
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
logo_left.gif
file.adpartner.pro/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/logo_left.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 24 Jan 2019 09:25:42 GMT
server
nginx
etag
"5c498496-a79"
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
2681
1px-matching-adpartner.gif
t.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=46e05ec2-befa-4543-ad8b-4abe4bdbded7
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=46e05ec2-befa-4543-ad8b-4abe4bdbded7
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D10&cdsp=363190&user_id=46e05ec2-befa-4543-ad8b-4abe4bdbded7&sct=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=10
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=10
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353169b303bda-CDG
content-type
image/gif
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=46e05ec2-befa-4543-ad8b-4abe4bdbded7
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D9&cdsp=363190&user_id=46e05ec2-befa-4543-ad8b-4abe4bdbded7&sct=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=9
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=9
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353169b333bda-CDG
content-type
image/gif
46e05ec2-befa-4543-ad8b-4abe4bdbded7
s.uuidksinc.net/match/272/ 		74 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/272/46e05ec2-befa-4543-ad8b-4abe4bdbded7
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
46e05ec2-befa-4543-ad8b-4abe4bdbded7
recreativ.ru/mtch/31/ 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recreativ.ru/mtch/31/46e05ec2-befa-4543-ad8b-4abe4bdbded7
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

hn
b23
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
pix
dsp-trk.eskimi.com/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=46e05ec2-befa-4543-ad8b-4abe4bdbded7
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
alt-svc
clear
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/
Redirect Chain
  • https://px.adhigh.net/p/cm/adpdigital
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
49 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/adpdigital?bounced=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
193.232.150.70 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp14.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
x-backend-id
f14-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f14-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/adpdigital?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=177&vid=46e05ec2-befa-4543-ad8b-4abe4bdbded7
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
125
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=adpartner&id=46e05ec2-befa-4543-ad8b-4abe4bdbded7
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F79B2C4610C08E82B02134863
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F79B2C4610C08E82B02134863
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F79B2C4610C08E82B02134863
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F79B2C4610C08E82B02134863
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F79B2C4610C08E82B02134863
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F79B2C4610C08E82B02134863
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=dbfdb6e8-6d9c-5365-8252-d588e39667f1
43 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=dbfdb6e8-6d9c-5365-8252-d588e39667f1
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=dbfdb6e8-6d9c-5365-8252-d588e39667f1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=dbfdb6e8-6d9c-5365-8252-d588e39667f1
43 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=dbfdb6e8-6d9c-5365-8252-d588e39667f1
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=dbfdb6e8-6d9c-5365-8252-d588e39667f1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9a7fa744-fabf-4a07-7261-d93e0a8eb24d
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9a7fa744-fabf-4a07-7261-d93e0a8eb24d
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9a7fa744-fabf-4a07-7261-d93e0a8eb24d
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=9e93063a-b438-4098-79cc-61f4be5e6545
43 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=9e93063a-b438-4098-79cc-61f4be5e6545
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=9e93063a-b438-4098-79cc-61f4be5e6545
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
informer
data.24smi.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280697&ptz=0&pl=en-US&object=13245&template_id=1280&num=3&ref=&output=json&chash=MTtYyOvu6h&extids=&callback=__smiCb1640280695419
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
1ca2bf85e5997764a57be7e7fa9dd11db977e635d11b85074959d0ce7e810312
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
ads
googleads.g.doubleclick.net/pagead/ Frame 2B17 		29 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280697&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695491&bpp=1&bdt=757&idt=1687&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=DIu0AyPMKN&p=https%3A//newsyou.info&dtd=1711
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fb964f17743b344ca4dcb177421a133a72550399824203da32a452830d7cf9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
10906
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
newsyou.info.1146775.es6.js
jsc.mgid.com/n/e/ Frame 9752 		240 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
640326025d71b72e26143c8c6a675e93fe1f91e30546465dd0a66ec79a9423fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
br
cf-cache-status
HIT
age
983
last-modified
Thu, 02 Dec 2021 15:50:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
6YY7XMJG5B0FXM6E
x-amz-id-2
FS7rXj34WLuvtkUZ21it+mYswuZvNkX+p9qe+y1DDq2omXJ1ALpy+5nkbP0s/ofO2SWnfXImJ7U=
cf-bgj
minify
server
cloudflare
etag
W/"bc159291689d374b57f73dde254fa617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2353159fec3bda-CDG
expires
Thu, 23 Dec 2021 20:31:37 GMT
if
a4p.adpartner.pro/tracker/ Frame 6888 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2246e05ec2-befa-4543-ad8b-4abe4bdbded7%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2038647%2C%22cost%22%3A0.000157179%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22cdf55808-7a99-406f-ac6a-1286139aead5%22%7D%2C%7B%22ad_id%22%3A2297870%2C%22cost%22%3A0.000109135%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22067a3ce0-5bef-4195-be8b-32e09a91ec34%22%7D%2C%7B%22ad_id%22%3A2287865%2C%22cost%22%3A0.0000614353%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22f900a96d-ff13-4efe-8a28-a597a07d59e7%22%7D%5D%2C%22unit_id%22%3A7460%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
ads
googleads.g.doubleclick.net/pagead/ Frame 270D 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695492&bpp=1&bdt=758&idt=1733&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=2e6df8k4Hc&p=https%3A//newsyou.info&dtd=1736
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
045bed8363fa859ed0fbb8901ed02be678749e5ceac894671f5ef14da603e462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
10114
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F371 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcda0d22ebce051cb16ed4389df05f7d73848a9fadfaca22e50c06f5a5d270a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:14:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:37 GMT
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame D4A7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1169373_a92fd42263.jpg
zn3.2xclick.ru/img/300x300/373/ Frame D4A7 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/373/1169373_a92fd42263.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
1b86d8c739c9f3e1ecfde56ea85f699ebeb53a6d576523828150c147bb11f54e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 29 Jul 2021 04:52:58 GMT
Server
nginx
ETag
"6102342a-5944"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
22852
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1153108_a465e98b7b.jpg
zn3.2xclick.ru/img/300x300/108/ Frame D4A7 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/108/1153108_a465e98b7b.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
c47059aea1c35a75cce187a3921d7f7da3a2947879b6b6b4fce5fb1abab844b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 30 Jun 2021 12:48:05 GMT
Server
nginx
ETag
"60dc6805-4f9d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
20381
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246658_0b9d7dee25.jpg
zn3.2xclick.ru/img/300x300/658/ Frame D4A7 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/658/1246658_0b9d7dee25.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
55306872269e2f1b8b7df1b131017007577c4b4ae361f9c1e3cc0118e0e29b1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 12:06:42 GMT
Server
nginx
ETag
"61c46652-6a0b"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
27147
Expires
Thu, 31 Dec 2037 23:55:55 GMT
0.gif
x01.aidata.io/
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngCY0OO_TO0Ag==
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngCY0OO_TO0Ag==&bounce=1
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngCY0OO_TO0Ag==&bounce=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Thu, 23 Dec 2021 17:31:36 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngCY0OO_TO0Ag==&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Thu, 23 Dec 2021 17:31:36 GMT
preuJIPZheUKedacC0sm
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/
Redirect Chain
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2HEsngCY0OO_TO0Ag==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/preuJIPZheUKedacC0sm
43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/preuJIPZheUKedacC0sm
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/preuJIPZheUKedacC0sm
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.19.0
content-length
0
preuJIPZheUKedacC0sm
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/
Redirect Chain
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2HEsngCY0OO_TO0Ag==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/preuJIPZheUKedacC0sm
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/preuJIPZheUKedacC0sm
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/preuJIPZheUKedacC0sm
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.19.0
content-length
0
0100007F79B2C46117001E4302EE7D1A
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=uZQlT2HEsngCY0OO_TO0Ag==
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2FSape-dsp%2F$%7BUSER_ID%7D&dp=14
  • https://acint.net/rmatch?dp=14&euid=0100007F79B2C46117001E4302EE7D1A&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F79B2C46117001E4302EE7D1A
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F79B2C46117001E4302EE7D1A
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F79B2C46117001E4302EE7D1A
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F79B2C46117001E4302EE7D1A
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=gnezdo&id=uZQlT2HEsngCY0OO_TO0Ag==
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
Ai3ULYJnbXNU_Tf-1f5J_AQ
fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsngCY0OO_TO0Ag==
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsngCY0OO_TO0Ag==&tuid=-5455599665
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/Ai3ULYJnbXNU_Tf-1f5J_AQ
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/Ai3ULYJnbXNU_Tf-1f5J_AQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/Ai3ULYJnbXNU_Tf-1f5J_AQ
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2HEsngCY0OO_TO0Ag==
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
104
x-xss-protection
1; mode=block
expires
-1
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&tizer_id=212162&r=0.7326863533995556
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=windows-1251
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=10139&f=2&ref=https%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&gw=300&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
58ed36c9543d7d9c14d3e9010bda29fb36f1070d118536a7577d97ecce05070b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
if
a4p.adpartner.pro/tracker/ Frame FB04 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2246e05ec2-befa-4543-ad8b-4abe4bdbded7%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22504dc77a-987a-49f9-9f7a-47e13550619b%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2287653b3c-bac2-40ad-a738-e0eea0a239ce%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2245beff60-da0c-4f18-bb10-028f56cbf29f%22%7D%2C%7B%22ad_id%22%3A1714798%2C%22cost%22%3A0.000399628%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22978a1c9e-19df-40d1-adeb-44b2d52db912%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 4297 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2246e05ec2-befa-4543-ad8b-4abe4bdbded7%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297875%2C%22cost%22%3A0.000731996%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2291df2419-a552-4ccf-877b-d81323b33373%22%7D%2C%7B%22ad_id%22%3A2004555%2C%22cost%22%3A0.000173399%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2260bb657d-066d-48b2-a7a0-44b282ba6879%22%7D%5D%2C%22unit_id%22%3A7882%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
informer
data.24smi.net/ 		646 B
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280697&ptz=0&pl=en-US&object=13248&template_id=1282&num=1&ref=&output=json&chash=MTtYyOvu6h&extids=&callback=__smiCb1640280695420
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
74e814cb7ef9a3e7fe7f2ad10dc8d4a808d906724372d926726233fa1c9782e1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
content-length
646
if
a4p.adpartner.pro/tracker/ Frame 8180 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252246e05ec2-befa-4543-ad8b-4abe4bdbded7%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5555%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fnewsyou.info%252FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI%2522%257D
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1BEA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1BEA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1BEA 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 18 Dec 2022 17:31:37 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 1BEA 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 18 Dec 2022 17:31:37 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 1BEA 		43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ezd7kAHbIRnoGeKlU3uCLY8ITtMW8Q5v67JxWO6k_f8PTrVnBB2oHtyRnndicTP6X34Hl9wU_NHZRuBzur8HvDlHedihcNBiycFXLUM8SXvyt32y3VQwJaTEK5HUrWjL4EqfstJYvk90V-4KRdYZsd3RkIqHkG3fq0YfHKWuh652pNRYPtX43NFx3uZWowWTN5SHN_W3z-c0qno1GQdq_do9CXyfGCs0qLOU24j6pYdadQ8tBIUxFMdBdmOgXQ7n0IYwFKRmEM2c_BowfTWbKCStBdAaUus9yqvcci5_IC2lxcK_cc84sg7ka4DhpbjjHkyJi0rAjzDLMTYZUKmqtHT71aFQjUJ7E2QSJV8mIx6y0b7f-y9pJxeDYBkF98U2duP-N3RLWEoq7G3qEG4mfC86P5k_COf1bxs5O-lXoxBZMryrn1muJAk7moEmMPSSPaWKVg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6261
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
m.mixadvert.com/show/ Frame 9752 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5876&r=0.8292002494927568
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
62e687d450746204a09733b76edaa84a048b6a7099cc1cf1bac047c8e682972d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
dpixel
cms.quantserve.com/ Frame 582C 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGNVEFxopzAvLMAzWmSPoRg&google_cver=1&google_push=AYg5qPJgfAZJeQA7gwI418-nD9RVz6tJ38dEciECiEWUuvD3OHmBZIRNfAgoR5LJUFMZn1i3-OwyAIP1EMxUgljZKUibK7RrmHsW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 582C
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEM7hnbkVra_7vjaK9q-ms9w&google_cver=1&google_push=AYg5qPI1Z2W-DjKXG3KQ0OQ8802G_3YYLE8oenhThP0hqPyf4FULLfVzPmKfPJfVFLekdnP8tjPPPsI2jgEqe65m1mMgNYGwn1yN
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI1Z2W-DjKXG3KQ0OQ8802G_3YYLE8oenhThP0hqPyf4FULLfVzPmKfPJfVFLekdnP8tjPPPsI2jgEqe65m1mMgNYGwn1yN&google_hm=Q0FFU0VNN2huYmtWcmFfN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI1Z2W-DjKXG3KQ0OQ8802G_3YYLE8oenhThP0hqPyf4FULLfVzPmKfPJfVFLekdnP8tjPPPsI2jgEqe65m1mMgNYGwn1yN&google_hm=Q0FFU0VNN2huYmtWcmFfN3ZqYUs5cS1tczl3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:36 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI1Z2W-DjKXG3KQ0OQ8802G_3YYLE8oenhThP0hqPyf4FULLfVzPmKfPJfVFLekdnP8tjPPPsI2jgEqe65m1mMgNYGwn1yN&google_hm=Q0FFU0VNN2huYmtWcmFfN3ZqYUs5cS1tczl3
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 582C 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEEBqiGY-W4JoQalBfV8z9oU&google_cver=1&google_push=AYg5qPIFr9lmIakLhG5EyNHAHlNqkgMy42aWeM1kMd9kPD4rdppk4cKXOfVbVrpCSmnUa1vp-EClTAKkXmzoud9ZfhuhDIZTC8t-
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
2kebuco7b9i3o6ll4m2svvgolea2uh5b
pixel
cm.g.doubleclick.net/ Frame 582C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wxuyj3NmRVqC9lLDapVE1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wxuyj3NmRVqC9lLDapVE1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKQQ-guxkvZ552EYTm5zLa4VJXkxDC8sW8X6jzNOw_98Z4hEEppJlIXCqHcIeBuEX1Yesq1oQGrBfaqdpTSAj4XRE4mGQJO
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wxuyj3NmRVqC9lLDapVE1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKQQ-guxkvZ552EYTm5zLa4VJXkxDC8sW8X6jzNOw_98Z4hEEppJlIXCqHcIeBuEX1Yesq1oQGrBfaqdpTSAj4XRE4mGQJO
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 582C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIJF7v4CMO25GZStd-GwPWA&google_cver=1&google_push=AYg5qPJbKfl9_W4A7Ws7zlV8r7dijQtQ_LhbHeXBmXN4mYjXnNS2nORYFLgHH9F7Xjfjdoyh8Pp...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZQkUtMjgtOE5DNA==&google_push=AYg5qPJbKfl9_W4A7Ws7zlV8r7dijQtQ_LhbHeXBmXN4mYjXnNS2nORYFLgHH9F7Xjfjdoyh8PpsnBmS6d8JuHNxBkW4CLBIOj0k
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZQkUtMjgtOE5DNA==&google_push=AYg5qPJbKfl9_W4A7Ws7zlV8r7dijQtQ_LhbHeXBmXN4mYjXnNS2nORYFLgHH9F7Xjfjdoyh8PpsnBmS6d8JuHNxBkW4CLBIOj0k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZQkUtMjgtOE5DNA==&google_push=AYg5qPJbKfl9_W4A7Ws7zlV8r7dijQtQ_LhbHeXBmXN4mYjXnNS2nORYFLgHH9F7Xjfjdoyh8PpsnBmS6d8JuHNxBkW4CLBIOj0k
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 582C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVF...
0
0
trk
ag.innovid.com/ Frame 582C 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEI4X9E6zPUQk0dy6CWE2b08&google_cver=1&google_push=AYg5qPJBdesg2bpOHUC4bfBbbgCK1oAT2idjhN6x6z70WffuLaLq63wiKwzEWtqDxBid53ycx1JzV85PwU1aYZrP1oNLyj0d5Hlh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:445b:903:c624:a695:f9d2:6242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 582C 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKhgYANHMbhVEVzT5i58csHl2uK8h7Tl-1Ttl9KUoRAsw2Tb8dFGoDaYmzVGK1d0vhABtP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695484&bpp=2&bdt=750&idt=662&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pTgwHFVD6k&p=https%3A//newsyou.info&dtd=670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
m.mixadvert.com/show/load/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7880&id_name=fnjyF&teaser_name=YFYTHik&block_name=QncHrt&ban_teaser=438578,438579,438575,438578,438579,438575&r=0.5502734736716721&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7880&r=0.05347208136752979
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
bac8bfdee5ab72a4525e91652bdaad52eb1d2b078011efea385c3e19e9856472
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
loader.js
news.2xclick.ru/ Frame 901E 		102 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.2xclick.ru/loader.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-bottom.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
3eb4db2e6c27e9a8a54e3a1d233f47265a21634f8021c4f750578e5af7f2c590

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Nov 2021 08:40:17 GMT
Server
nginx/1.10.3
ETag
"61a5e371-4e4d"
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=86400
Connection
keep-alive
Content-Type
application/javascript
Content-Length
20045
Expires
Fri, 24 Dec 2021 17:31:37 GMT
/
m.mixadvert.com/show/ Frame 1180 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5709&r=0.9337910829819935
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
6d1181b4172cb366aa983b9233653c810be723ca9076bf999cf79056a5644a9a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1BEA 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
667040
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LF%2BPz%2BUsl4y6LtVQdwt%2B96I0xmlSCdqb6%2FyDHcRcorytoa0E4tkWBl2roHnJUx6KP3UzBrXZEXBt4rpelciby1%2BAY%2BInm6xdWEp83RrPEojIZsm36amFsOd4q9LmWHaOxRyfk38cm6z%2B%2BLMls8PTbpQk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c2353176a46375c-MXP
expires
Tue, 13 Dec 2022 17:31:37 GMT
informer
data.24smi.net/ 		1 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280697&ptz=0&pl=en-US&object=13267&template_id=1281&num=2&ref=&output=json&chash=MTtYyOvu6h&extids=&callback=__smiCb1640280695421
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
d3053829bf9a78772c8b8db58750a3da92c64b0b879e8a1a87b980120882c857
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
animejs.js
static.criteo.net/animejs/ Frame 1BEA 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
img
pix.eu.criteo.net/img/ Frame 1BEA 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=196&s=cJzrnephzXW9iVv6c44m7p2v
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 09:28:31 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
633785
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=29216541
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
11345
expires
Sat, 19 Nov 2022 13:10:53 GMT
img
pix.eu.criteo.net/img/ Frame 1BEA 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&v=3&w=800&s=LzlBB40wIezU9oSbleSOY3Pn&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0769a620ccba5a6119e7c4ac2c741513c0e5c20d1c13001caca6d838be89c8d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:08 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80848
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535999
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
141508
expires
Thu, 22 Dec 2022 19:04:08 GMT
img
pix.eu.criteo.net/img/ Frame 1BEA 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1174668-_x600-nocrop.jpg&v=3&w=800&s=m-wwJ7WRRbN6k_awgTm2M-TV&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a904cee9c6ca0cd7a89c18dc4dfef8aa058220c8e2a6b5c91725daae52730153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:10 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80846
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535999
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
132606
expires
Thu, 22 Dec 2022 19:04:10 GMT
img
pix.eu.criteo.net/img/ Frame 1BEA 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F2085544-_x600-nocrop.jpg&v=3&w=800&s=UjvMmdlUnj4lQsZJwpllj3fU&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
15f3c556ad662edbd583450f4ee20aac3183c2a09ba9a04aba83287ec2c3d81d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:21 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80835
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535994
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
53316
expires
Thu, 22 Dec 2022 19:04:16 GMT
img
pix.eu.criteo.net/img/ Frame 1BEA 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1198576-_x600-nocrop.jpg&v=3&w=800&s=lBWbTTwcu4UBQ_mvjjGXtmVK&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ea6f21037126fc3c7dd89866d96b0d0ff3bc01f95de99f63455152983c038897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:12 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80844
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535999
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
123280
expires
Thu, 22 Dec 2022 19:04:12 GMT
all
csm.eu.criteo.net/ Frame 1BEA 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=NoLbqdua4j8TotWV4RCBNZBBkOE2JlwGD3g61VTK5-XQ928OQhfD9QAFTHdTKSpnm-EcX-h_3M-aLHDe7fsz-sCAvgoGezrFiXVM_U1969PpgX1b0txVonP1L1Sir79w2H74NGlAONukfF0o6tsr3xB3SP8OwyA4m6brdMenLCtDi9WPXLe23b52IZZSl420jrjyldxb9bUnpS-R-O_MbarduvRaobYWn41IHfSxuVlddjMD7sHX5b3qBUUBObK41wQrEw&sds=2&rev=79924&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1BEA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1BEA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
jquery_1_7_2.js
m.mixadvert.com/show/application/js/ Frame 9752 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/application/js/jquery_1_7_2.js
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5876&r=0.8292002494927568
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 /
Resource Hash
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Mon, 17 Oct 2016 18:47:41 GMT
server
nginx/1.12.0
etag
"58051ccd-17278"
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
content-length
94840
expires
Thu, 31 Dec 2037 23:55:55 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 07D9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695489&bpp=1&bdt=755&idt=1537&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nXZClrkDxX&p=https%3A//newsyou.info&dtd=1543
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 07D9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695489&bpp=1&bdt=755&idt=1537&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nXZClrkDxX&p=https%3A//newsyou.info&dtd=1543
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 07D9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695489&bpp=1&bdt=755&idt=1537&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nXZClrkDxX&p=https%3A//newsyou.info&dtd=1543
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:15 GMT
l
www.google.com/ads/measurement/ Frame 07D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQ9TK2yJkyY8SElYlpX6p0C7uQJluk9UPjYJAV8nIjz-NgcxOSJPlcDYAYzkEGFJbiBl07LfxjACVEia9-QN5mWN-w3w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695489&bpp=1&bdt=755&idt=1537&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nXZClrkDxX&p=https%3A//newsyou.info&dtd=1543
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame 7F42 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246879_2abcc89321.jpg
zn3.2xclick.ru/img/400x400/879/ Frame 7F42 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/879/1246879_2abcc89321.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
d18621f7385067fcfd7ddf9af42da75c9026a0d74be6db9580f5fbe6bf73dbce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 16:27:43 GMT
Server
nginx
ETag
"61c4a37f-429f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
17055
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1243774_b5874d6dae.jpg
zn3.2xclick.ru/img/400x400/774/ Frame 7F42 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/774/1243774_b5874d6dae.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
f691f8ca77961efc68a2a3a39eb5fee440a429949574cdd5a23cef733b46ff0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:39 GMT
Last-Modified
Fri, 17 Dec 2021 15:50:39 GMT
Server
nginx
ETag
"61bcb1cf-51e9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
20969
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&tizer_id=10139&r=0.2189269647069001
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=windows-1251
adview
googleads.g.doubleclick.net/pagead/ Frame 07D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CQnUpebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIUCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWkDlVSOBJ8dmU7PQjzi6AIEdi7F5Rnf1h62Re6rCxS3izFdjFGFSgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=yi_VPFpTsCQ&uach_m=[UACH]&cid=CAQSOwCNIrLM-ej48edRNj4A9r0ZMiDJTlkGZWxBVtu83w9sEVptxTxE7zBcKEniwzi8q1_KyXWYBLOUcrj4GAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695489&bpp=1&bdt=755&idt=1537&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nXZClrkDxX&p=https%3A//newsyou.info&dtd=1543
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695489&bpp=1&bdt=755&idt=1537&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nXZClrkDxX&p=https%3A//newsyou.info&dtd=1543
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 07D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gepr8wr0mcy6xn1mkb79fh7n746atk9zx4dqzcxxc9a29dre2w20t39sq2s0e6ykwtmzgf8j946d52ye7xwyz9mw91bk9hy876zz4zmk086tmy11gdj0ja4dzz1d8nyzh316tbch57ps0ej8t1vn42sejjtdygknc9emj1fdc2fk1vygev9wt3phmark9atcz1tj4kqa6sac8w3vk3khswxew8dmwenp5nh85gd2b44by5w4qqe803n1ah6jeajy89k67vnyqz8tms61sx9kqygvrtdbsm5nr86ett0k9p34k8jj9e7w7fgpfmshbmfqy8dg6k8wv3wq4egs9e10pq3jdk6wry9yxeqenrt59gq02fdvs4y967rhdfdkvkgdyn6d6pbc89j0a4t8smcr24p410sg&b=YcSyeQAB-XkGrTQ8AAc53KIrdb4rgh2hmKvwig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695489&bpp=1&bdt=755&idt=1537&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nXZClrkDxX&p=https%3A//newsyou.info&dtd=1543
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame E403 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gat99c74ennwtvg1csymj0yfd2gag457h9q5jcg38pab3b13h9xza6zsnxvpah8nh4p71x1jr7qt02e6r3crtbegjtgc8arcv9y1drw19sfekq2wqbabh95t79qchqs4cwx9xaeykg0crr9kr6kggb81btz5x5vcp9ejxpb8w9x1mm3fhzeq6zdq38rc6m1yhf77mj5bcj0zw96hh2dvsrbhf7ywp70kjajkyrgf3whk5ej6zacyxcebdpern40chax73phxqhpp1e7p760y7g0czc6vf69b869f6yd9sgvwqb8jxytw1ew80vax4w0ed2tmssbcjfx8xcqm8k9f2ntfg7815jb22bd52pm3561axjwta321tr9zze10exrc4gfwja7th35e3h6wwh3c619c67zgkd0cv7fvhtv23em3m2tcss92&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695489&bpp=1&bdt=755&idt=1537&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nXZClrkDxX&p=https%3A//newsyou.info&dtd=1543
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b8f5240340cb089cf984caacde8c6a3ec1f5a21f40c2f380ed34ab0631857a2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c2353182b0f68e6-FRA
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A9EA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695489&bpp=1&bdt=755&idt=1537&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nXZClrkDxX&p=https%3A//newsyou.info&dtd=1543
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14725
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
internal
dmpprof.com/matching/ 		141 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=10&href=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&title=%D0%9F%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%82%D0%B8%D1%82%20%D1%81%D1%80%D0%BE%D0%BA%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D1%8F%20COVID-%D1%81%D0%B5%D1%80%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%BF%D1%80%D0%B8%D0%B2%D0%B8%D0%B2%D0%BA%D0%B8%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&dmp_print_id=75f67d020a6c2c4561d1ca4670345b0a
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cc272e4da29927be89e8350b0718da7558b901533cf2e75345e3e8c1fbd82053

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
141
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=13978&f=2&ref=https%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&gw=300&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
6bf764a3a03b9f8ec9fb016e986469ffb95d9d2b049fe0808af5e57e40f2eb0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
informer
data.24smi.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280697&ptz=0&pl=en-US&object=14482&template_id=783&num=3&ref=&output=json&chash=MTtYyOvu6h&extids=&callback=__smiCb1640280695422
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
9d4f4a863418edc852e61c4f78f2ef061e033eeb7b86ea9e44e35064b0c6d58f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
css
fonts.googleapis.com/ Frame 1BEA 		2 KB
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:59:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:37 GMT
/
m.mixadvert.com/show/ Frame 5C84 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5709&r=0.7266763893708588
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
453531d14260e17c2e2a85f1f23ac4df44ba6c02182f9d77bda7f9b41a1cc89f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F2C9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695490&bpp=1&bdt=756&idt=1620&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=bUQMCViwI5&p=https%3A//newsyou.info&dtd=1632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F2C9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695490&bpp=1&bdt=756&idt=1620&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=bUQMCViwI5&p=https%3A//newsyou.info&dtd=1632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F2C9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695490&bpp=1&bdt=756&idt=1620&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=bUQMCViwI5&p=https%3A//newsyou.info&dtd=1632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:15 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F2C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUIkQebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBIsCT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI9_bbH_T3RQsUNqidKNmBaKRstA1oifzD_YVcKThP3dB-vGwFkW-gAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=7v7i0pwZBMU&uach_m=[UACH]&cid=CAQSOwCNIrLMZld0jyG79rRUgwNt-HvJW4Dwq7gQjyraCg3wleufaP60p8V_mYCWBH8Z95imMOxVQP4gFfcdGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695490&bpp=1&bdt=756&idt=1620&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=bUQMCViwI5&p=https%3A//newsyou.info&dtd=1632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695490&bpp=1&bdt=756&idt=1620&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=bUQMCViwI5&p=https%3A//newsyou.info&dtd=1632
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame F2C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kwzzk7zktk8eb49pbqerewx6rp6wqjmscwgg52s8110pgeptd32kcphfwem6garce0kwtvgaq20gw3a8tcf9rr8kx0wx45jf84nddb3t5wsvhd5t87drp4v1z67r3jzmm3p323ca90bdz5kqrmq6daxysm0a36qknvmafwg8nad7rhh1bzay1mj2rekkz52gef0j7ny4ceaxhdkf0r7zwqcsq4hb7gpwt187d94yjw32x4zvq4hxhfyz3w8eb1yf6kgwegkbg0f9aa69mmqynhkdvb1031dretwkhr4mrbf78ft444m1yazp2v9pqf9jp0zgjw6hxb7npw3v6zbesz64cvma8p1th4fp7tfh6277zsn5rne69sgb7az8901d34qf8wgqt6fb1gg8ytmxfqrf1exj&b=YcSyeQADZS4GrRW1AAD31PDnbzViwXKZFlo9zg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695490&bpp=1&bdt=756&idt=1620&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=bUQMCViwI5&p=https%3A//newsyou.info&dtd=1632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame A1A6 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1heheq88nkye3x7qp9anzw1ttdspbs2997rdqbt5nk509tgbv1120r1dcvmps6q9qdvfaf78capefxp68hp6vzq0s3aqec1mq02j1ghtmdkd82gww0q0yfdjthqx2ncbm2x146zvcqthstmaz9gh3k2erz271qcgws9zarav694qg1bx8k91120a4w1fbdg0ebv5mazr66211xb0tjh14x2nmt9re4hs6jjp4p61tzsxjf3t1gvspb2eh8ghdrw5bs0xh0c5sx7xjk5yh8zw04nh2nzrk7fe15djs8zyvbdfzjqxr8y3bdecc761qm4nzyfqg23ehkrekdkbqh0h2khz02d2mff8p5n4edfzsb9dc1v5tmxzm9yx7tfa3r53rdmdy0gqpesgx2y9hyfcmja4ta1pqf90vaqvwb13sdeea2fmjxx7t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695490&bpp=1&bdt=756&idt=1620&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=bUQMCViwI5&p=https%3A//newsyou.info&dtd=1632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69a4c543157779595999265131ee57c007836c8f51a9e961a44c381707669268
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c2353187c938bc3-FRA
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4087 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695490&bpp=1&bdt=756&idt=1620&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=bUQMCViwI5&p=https%3A//newsyou.info&dtd=1632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14725
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 07D9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f42a6f4e26973a155c49e196427504f906c2f2b1762ffa42a406a54e5508fcc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame 1BEA 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 20:07:29 GMT
x-content-type-options
nosniff
age
163448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 20:07:29 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame 1BEA 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 03:56:06 GMT
x-content-type-options
nosniff
age
135331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 03:56:06 GMT
css
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:10:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:37 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 12:42:17 GMT
x-content-type-options
nosniff
age
449360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 18 Dec 2022 12:42:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 01:54:06 GMT
x-content-type-options
nosniff
age
142651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 01:54:06 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 11:23:17 GMT
x-content-type-options
nosniff
age
194900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 11:23:17 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 05:39:34 GMT
x-content-type-options
nosniff
age
129123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 05:39:34 GMT
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ Frame 901E 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=10138&f=2&ref=https%3A//newsyou.info/&gw=610&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
914129dccbcf219e8ed8763acebdd2869e0e40f36cadf9cb5d28aaa16f4afc89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 11:06:27 GMT
x-content-type-options
nosniff
age
109510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 11:06:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 05:33:18 GMT
x-content-type-options
nosniff
age
129499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 05:33:18 GMT
95b9b370494c2558bec06fe1897c5c1f.jpeg
img.servestatic.net/300_300/9/5/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.servestatic.net/300_300/9/5/95b9b370494c2558bec06fe1897c5c1f.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93398887feeae6379c164b5421590428a861e7454218df7d47fb5166a31dbf35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88587
cf-polished
degrade=85, origSize=31308, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17830
last-modified
Fri, 06 Aug 2021 07:31:47 GMT
server
cloudflare
etag
"610ce563-7a4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5In33%2FiBjeoYCkz5E8SZde3o5Hn2kPtK4P%2Bhp71u8Av1XX5pM7SaaLD1KNqs15ZtfAl0qS0Vl80GkEKjfYgDtEk8kevl23K0yeoc4JjUFRjpnm0hzldSzi2%2B7kZoy30z1fE05sYcs3Pm048ztR3yeA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Fri, 24 Dec 2021 16:55:10 GMT
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c235319e9434a98-FRA
cf-bgj
imgq:85,h2pri
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 270D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695492&bpp=1&bdt=758&idt=1733&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=2e6df8k4Hc&p=https%3A//newsyou.info&dtd=1736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 270D 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695492&bpp=1&bdt=758&idt=1733&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=2e6df8k4Hc&p=https%3A//newsyou.info&dtd=1736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 270D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695492&bpp=1&bdt=758&idt=1733&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=2e6df8k4Hc&p=https%3A//newsyou.info&dtd=1736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:15 GMT
l
www.google.com/ads/measurement/ Frame 270D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTBxe0u2yLvGysUgtlr-xYGrgf6gEnSPiY7IjkGKjBz13XWOIY9olACKzQpG2fErTHUiqz29YW7KnhnK5lSz-DLP0_0g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695492&bpp=1&bdt=758&idt=1733&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=2e6df8k4Hc&p=https%3A//newsyou.info&dtd=1736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame E403 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gat99c74ennwtvg1csymj0yfd2gag457h9q5jcg38pab3b13h9xza6zsnxvpah8nh4p71x1jr7qt02e6r3crtbegjtgc8arcv9y1drw19sfekq2wqbabh95t79qchqs4cwx9xaeykg0crr9kr6kggb81btz5x5vcp9ejxpb8w9x1mm3fhzeq6zdq38rc6m1yhf77mj5bcj0zw96hh2dvsrbhf7ywp70kjajkyrgf3whk5ej6zacyxcebdpern40chax73phxqhpp1e7p760y7g0czc6vf69b869f6yd9sgvwqb8jxytw1ew80vax4w0ed2tmssbcjfx8xcqm8k9f2ntfg7815jb22bd52pm3561axjwta321tr9zze10exrc4gfwja7th35e3h6wwh3c619c67zgkd0cv7fvhtv23em3m2tcss92&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gat99c74ennwtvg1csymj0yfd2gag457h9q5jcg38pab3b13h9xza6zsnxvpah8nh4p71x1jr7qt02e6r3crtbegjtgc8arcv9y1drw19sfekq2wqbabh95t79qchqs4cwx9xaeykg0crr9kr6kggb81btz5x5vcp9ejxpb8w9x1mm3fhzeq6zdq38rc6m1yhf77mj5bcj0zw96hh2dvsrbhf7ywp70kjajkyrgf3whk5ej6zacyxcebdpern40chax73phxqhpp1e7p760y7g0czc6vf69b869f6yd9sgvwqb8jxytw1ew80vax4w0ed2tmssbcjfx8xcqm8k9f2ntfg7815jb22bd52pm3561axjwta321tr9zze10exrc4gfwja7th35e3h6wwh3c619c67zgkd0cv7fvhtv23em3m2tcss92&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695194
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c2353190e058bc3-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame E403 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gat99c74ennwtvg1csymj0yfd2gag457h9q5jcg38pab3b13h9xza6zsnxvpah8nh4p71x1jr7qt02e6r3crtbegjtgc8arcv9y1drw19sfekq2wqbabh95t79qchqs4cwx9xaeykg0crr9kr6kggb81btz5x5vcp9ejxpb8w9x1mm3fhzeq6zdq38rc6m1yhf77mj5bcj0zw96hh2dvsrbhf7ywp70kjajkyrgf3whk5ej6zacyxcebdpern40chax73phxqhpp1e7p760y7g0czc6vf69b869f6yd9sgvwqb8jxytw1ew80vax4w0ed2tmssbcjfx8xcqm8k9f2ntfg7815jb22bd52pm3561axjwta321tr9zze10exrc4gfwja7th35e3h6wwh3c619c67zgkd0cv7fvhtv23em3m2tcss92&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72212
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BtSLzVcs%2Ff2Cvqolq8JlPmU%2FiIi59tiu5VhRVLtH2xFucbdqvzFDjJPXKzUSgoj48Z%2BkLZBE%2FF2Xi1ZOlt%2BeviXmv90%2BzJn%2FOSGdQYrZpYIdH3T04WnvQcc4EWBT4W4vakA5iQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Wed, 22 Dec 2021 21:28:05 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c2353191d2768e6-FRA
cf-bgj
minify
adview
googleads.g.doubleclick.net/pagead/ Frame 270D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CojUMebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiwJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_7keF2V4ngkzidBajlGI-nijiwjYluuAMt0IguGoHsKZKQ1Z4UcVaABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=QCzeGxrbKus&uach_m=[UACH]&cid=CAQSOwCNIrLMJG5N6XCDeG8J_r14snBJQd1ixpUNo1rtD0qXrQ27NYyEJS41jp5y4lqh0VHy0QB_dQa5daa1GAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695492&bpp=1&bdt=758&idt=1733&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=2e6df8k4Hc&p=https%3A//newsyou.info&dtd=1736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695492&bpp=1&bdt=758&idt=1733&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=2e6df8k4Hc&p=https%3A//newsyou.info&dtd=1736
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 270D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UKW_EN-BMKwC2ASdg2ICAgAAAK-H23UgPu_REHiyxGE8zdH6fLadXOKKqgAS&wp=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695492&bpp=1&bdt=758&idt=1733&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=2e6df8k4Hc&p=https%3A//newsyou.info&dtd=1736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
Kestrel
server-processing-duration-in-ticks
258560
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1996 		242 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695492&bpp=1&bdt=758&idt=1733&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=2e6df8k4Hc&p=https%3A//newsyou.info&dtd=1736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4f7d671fb4f3b7e59e88ea0b897a8ffdf268b7ef5fd757b815f5322eca9a9457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=uf2mjdua4j8TotWVO-Zyfu07ySFdDFU__ToeV85hmlqJWn9abmIyAMKh-N-zv3y24zW558OPfXFD6euA-yLigzZUhojX1JhAJ_hZRqYRgYZsEmXriJeBvVdUN2vlLJ1tQKvAbrYTFraXYpzpC7RurWV7r7qL1w1FGqfJvtr2ZvAXDRAvW0JXVibs_UvjD-Sg36HhOWnOx3w6cBXu5koub7qMDCtkFNj3-yA8F3KmM0ib1wikOIhQDyVYeRAjosAQHYMrR-N0sqivgNg_"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
186288629
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A456 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695492&bpp=1&bdt=758&idt=1733&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=2e6df8k4Hc&p=https%3A//newsyou.info&dtd=1736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14725
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame A9EA
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGNVEFxopzAvLMAzWmSPoRg&google_cver=1&google_push=AYg5qPLF1tjsQmxf_BqtwUEX5Yi_hLfBnNP6K15BRzlLY_t8ebRej2Xawo...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLF1tjsQmxf_BqtwUEX5Yi_hLfBnNP6K15BRzlLY_t8ebRej2XawoCDqmSDHGTO_o5vsyhRGdoTKF0g_wgwF25HsRoB8RI&google_hm=nmfmJk9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLF1tjsQmxf_BqtwUEX5Yi_hLfBnNP6K15BRzlLY_t8ebRej2XawoCDqmSDHGTO_o5vsyhRGdoTKF0g_wgwF25HsRoB8RI&google_hm=nmfmJk9_k4nXLYuXzC-a0A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695489&bpp=1&bdt=755&idt=1537&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nXZClrkDxX&p=https%3A//newsyou.info&dtd=1543
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLF1tjsQmxf_BqtwUEX5Yi_hLfBnNP6K15BRzlLY_t8ebRej2XawoCDqmSDHGTO_o5vsyhRGdoTKF0g_wgwF25HsRoB8RI&google_hm=nmfmJk9_k4nXLYuXzC-a0A
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A9EA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LprqyrlifJO0SGHqyDmsoa25dqOqjy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695489&bpp=1&bdt=755&idt=1537&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nXZClrkDxX&p=https%3A//newsyou.info&dtd=1543
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame F2C9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26f366a22bb588b6e658c80479db3c55e7a51bf66f578ade7af7f0b1425c0c1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame A1A6 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1heheq88nkye3x7qp9anzw1ttdspbs2997rdqbt5nk509tgbv1120r1dcvmps6q9qdvfaf78capefxp68hp6vzq0s3aqec1mq02j1ghtmdkd82gww0q0yfdjthqx2ncbm2x146zvcqthstmaz9gh3k2erz271qcgws9zarav694qg1bx8k91120a4w1fbdg0ebv5mazr66211xb0tjh14x2nmt9re4hs6jjp4p61tzsxjf3t1gvspb2eh8ghdrw5bs0xh0c5sx7xjk5yh8zw04nh2nzrk7fe15djs8zyvbdfzjqxr8y3bdecc761qm4nzyfqg23ehkrekdkbqh0h2khz02d2mff8p5n4edfzsb9dc1v5tmxzm9yx7tfa3r53rdmdy0gqpesgx2y9hyfcmja4ta1pqf90vaqvwb13sdeea2fmjxx7t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1heheq88nkye3x7qp9anzw1ttdspbs2997rdqbt5nk509tgbv1120r1dcvmps6q9qdvfaf78capefxp68hp6vzq0s3aqec1mq02j1ghtmdkd82gww0q0yfdjthqx2ncbm2x146zvcqthstmaz9gh3k2erz271qcgws9zarav694qg1bx8k91120a4w1fbdg0ebv5mazr66211xb0tjh14x2nmt9re4hs6jjp4p61tzsxjf3t1gvspb2eh8ghdrw5bs0xh0c5sx7xjk5yh8zw04nh2nzrk7fe15djs8zyvbdfzjqxr8y3bdecc761qm4nzyfqg23ehkrekdkbqh0h2khz02d2mff8p5n4edfzsb9dc1v5tmxzm9yx7tfa3r53rdmdy0gqpesgx2y9hyfcmja4ta1pqf90vaqvwb13sdeea2fmjxx7t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695194
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c2353197eee8bc3-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame A1A6 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1heheq88nkye3x7qp9anzw1ttdspbs2997rdqbt5nk509tgbv1120r1dcvmps6q9qdvfaf78capefxp68hp6vzq0s3aqec1mq02j1ghtmdkd82gww0q0yfdjthqx2ncbm2x146zvcqthstmaz9gh3k2erz271qcgws9zarav694qg1bx8k91120a4w1fbdg0ebv5mazr66211xb0tjh14x2nmt9re4hs6jjp4p61tzsxjf3t1gvspb2eh8ghdrw5bs0xh0c5sx7xjk5yh8zw04nh2nzrk7fe15djs8zyvbdfzjqxr8y3bdecc761qm4nzyfqg23ehkrekdkbqh0h2khz02d2mff8p5n4edfzsb9dc1v5tmxzm9yx7tfa3r53rdmdy0gqpesgx2y9hyfcmja4ta1pqf90vaqvwb13sdeea2fmjxx7t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72212
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5jMmqv7BxA15urw2hFHMZwcbhjBD6E7RtDPK0QpMdPeZKAerlfM%2FNZ5Rv5vIAZWMt5ljZtOFPYUg8xk35R%2Ba5%2BNiTg5mpWSClDqpg1vytv6asbLKqxTM0Tl%2F7eNCBfBg1s8gkY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Wed, 22 Dec 2021 21:28:05 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c2353197ef28bc3-FRA
cf-bgj
minify
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame 0514 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246215_a759d52860.jpg
zn3.2xclick.ru/img/400x400/215/ Frame 0514 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/215/1246215_a759d52860.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
3504a8a26e685ad04cd1fe2574629e035f290b23777f893eae5967a4367361ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:39 GMT
Last-Modified
Wed, 22 Dec 2021 19:54:14 GMT
Server
nginx
ETag
"61c38266-6301"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
25345
Expires
Thu, 31 Dec 2037 23:55:55 GMT
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=gnezdo&id=uZQlT2HEsngCY0OO_TO0Ag==
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2HEsngCY0OO_TO0Ag==
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
103
x-xss-protection
1; mode=block
expires
-1
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&tizer_id=13978&r=0.1963761479433932
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=windows-1251
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E403 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1783011
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uy%2F3lmnoPNwsn3VvPjoyIWqOFRPLSinpvW8q%2BlFvCKwa4aKg3Au4egyeSz618xAWzTK3ZE49mcKSS0eEU72kSMaGdiWU0oEg%2FEjXyQHAjmXRkd08hexuhx5BhRNKt0PZGj8zfm%2B%2F6gFBR2pjKDNmbxXM"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c23531a39693760-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
/
vcmjf535tx.ru/json/ 		49 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vcmjf535tx.ru/json/?user_id=cb47997f-3352-415f-ba5e-7172d357ec64&site_id=7221&blocks=6944%2C610%2012512%2C300%208032%2C300
Requested by
Host: vcmjf535tx.ru
URL: https://vcmjf535tx.ru/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.170 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1e474b50037b3121ba37bb6fa3c6ca283b32741a17c601818cf25b02f0334e8f

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
x-adsbid-request
f8523e29bbb2efaf7d94fe1c46c1b1e9
vary
Accept-Encoding
server
nginx/1.18.0
content-type
text/plain; charset=utf-8
demography
prodmp.ru/pclicks/ 		3 B
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks/demography?domain=newsyou.info
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.95.134 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 23 Dec 2021 17:31:37 GMT
access-control-allow-credentials
true
server
nginx
content-length
3
content-type
application/json
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=cb47997f-3352-415f-ba5e-7172d357ec64
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=ccb0d0e5568e45c490260f083227a230
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ccb0d0e5568e45c490260f083227a230
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ccb0d0e5568e45c490260f083227a230
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame FC05 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C_XvdebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEiwJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTzq5N-h6zHWEyhMCpuBK-iFBmttvwkplTN-99FYne36GQ5JYB5GmABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=GaB9XwgrgRc&uach_m=[UACH]&cid=CAQSOwCNIrLMCojEO3GOy26dT_f1sS4_08v74Tnhw4FYR7eB4hgXOFVhy3gC1byxJrHM_Q_i26RUoloy9-7LGAE
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280697&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695491&bpp=1&bdt=757&idt=1687&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=DIu0AyPMKN&p=https%3A//newsyou.info&dtd=1711
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame FC05 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j1dfy26pek8ztcaz8h9fqza9vmdrr5t6883k30mvv5eeftzy39y07g72f5vb0gp76fk5sm40dwe3mvz4xcx5qg30s481wccbrcdvsnd1mwx72pt4q70ww8c624w70nz8ckpqn7fcqnpy1gs30c1e147bbtprh62m7zf75gpwd725wrt6996dqd08a2zv6v2tc7j0eg2tx6b2v0297nq11zsyw584nn1vmkega37egmccj4rn6eakkdrtjfs48atd52ybahys5zdr80j3t8vsnqj6bcczqwm0dqrrg23ffqsda8jkb8pc1kppnsbj60bxtjy0dw0kd6v4ekkdxe8fg3w6wpmg110c4gpk94rfvymcj3w1xa1snyv318gbttkb706en9cg53x0kf5wch2fb15wk64y&b=YcSyeQAEjIkK5w4tAAPr8_4RacZkeNgy1XFP6w
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 392E 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1h2byxq689ckdpcavqw4nm140v0jabmxezwz8wk21p1gk9f46v3549jct96zzjwqn6762gbhkcrpwx9qcxdew98brg1c3qzc3d68xfaxvxy344ntb9jpv2639y7cnb6tdt8ykywrjhtamfw17yg2184d85dsatf487jfymdtqy7504p06e0p942m68df9a78adafrzxp95486r55x1858nzvxv5ege2h00bksqrefkyhwh6chp3egdm8tbm4ae25q0m5wcdw7ac48kxdxdv91jafht4rrszmvhpnnx0mqm65q7dg2we6ca02azw7rj99t07kty3nf7xp81hj5xe56et9zbab720heghqyba9vv56zk6fpqqmc61ypnybhjtg4vs061wzj2pdnktp6cbpts3eez04ha685w09axjfr1mq0zsj667ha&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280697&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695491&bpp=1&bdt=757&idt=1687&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=DIu0AyPMKN&p=https%3A//newsyou.info&dtd=1711
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab4481a0bd675bbcdb7eda1f4922f43cfce3e559aa83bffe6ec366e5a69f3529
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c235319f81d8bc3-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame FC05 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280697&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695491&bpp=1&bdt=757&idt=1687&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=DIu0AyPMKN&p=https%3A//newsyou.info&dtd=1711
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 068A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280697&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695491&bpp=1&bdt=757&idt=1687&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=DIu0AyPMKN&p=https%3A//newsyou.info&dtd=1711
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14725
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FC05 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280697&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695491&bpp=1&bdt=757&idt=1687&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=DIu0AyPMKN&p=https%3A//newsyou.info&dtd=1711
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame FC05 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280697&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695491&bpp=1&bdt=757&idt=1687&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=DIu0AyPMKN&p=https%3A//newsyou.info&dtd=1711
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:15 GMT
l
www.google.com/ads/measurement/ Frame FC05 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjWzAYZTvzVm9-GrDjJULG6EOb4AZ0UIAFBLo_dQvKGe8311R6glx06SCQS2IiOwoq6_r9dEqE3-ToUntv0teUN_RRrQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280697&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695491&bpp=1&bdt=757&idt=1687&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=DIu0AyPMKN&p=https%3A//newsyou.info&dtd=1711
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 4087
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGNVEFxopzAvLMAzWmSPoRg&google_cver=1&google_push=AYg5qPKN5g4vqQkuE8ve8DhrlVOVVJ1J6v8WEA8ik4W7S2d53wWronLuyD...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKN5g4vqQkuE8ve8DhrlVOVVJ1J6v8WEA8ik4W7S2d53wWronLuyDL-A16peX0G2Huamxy42XSbXwfXKNrEF3vCQTcwAc44Kw&google_hm=nmfm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKN5g4vqQkuE8ve8DhrlVOVVJ1J6v8WEA8ik4W7S2d53wWronLuyDL-A16peX0G2Huamxy42XSbXwfXKNrEF3vCQTcwAc44Kw&google_hm=nmfmJk9_k4nXLYuXzC-a0A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695490&bpp=1&bdt=756&idt=1620&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=bUQMCViwI5&p=https%3A//newsyou.info&dtd=1632
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKN5g4vqQkuE8ve8DhrlVOVVJ1J6v8WEA8ik4W7S2d53wWronLuyDL-A16peX0G2Huamxy42XSbXwfXKNrEF3vCQTcwAc44Kw&google_hm=nmfmJk9_k4nXLYuXzC-a0A
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4087 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kg1QIus49KA7L8sw69wdPXwR1r9_qO
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280697&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695490&bpp=1&bdt=756&idt=1620&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=bUQMCViwI5&p=https%3A//newsyou.info&dtd=1632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 270D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7577dc43959f1ae737b059bc7fa11d60b2e718e49a13c5f1a273fcd790817b42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
frame.html
ad4m.at/ Frame 3B65 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires
Thu, 23 Dec 2021 18:31:37 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
1992624
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUHoFOUuj4dAkVD5Ahwl3jE%2FzRW6IqNw3KswT5hZaJS%2BgAfgYdiUUVevbsEUTjIh9qBfWkoiu2iRgSj4Yym9k25%2Bm3qvank7w3ZyQwLfQwgap%2F8WayGjghbNZQiMcc4tuz7Nnqk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c23531a38958bc3-FRA
content-encoding
br
/
m.mixadvert.com/show/load/ Frame 1180 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=5709&id_name=sGryT&teaser_name=rjQeARH&block_name=DASSmZ&ban_teaser=&r=0.7257390515014785&host=newsyou.info&ref=https://newsyou.info/
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5709&r=0.9337910829819935
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
e07ea1b84fe36566664a8778c0cec50ffc16dc60ba86b14a1c2c9b91430dea53
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
/
ppvesdfiojol.com/ 		17 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
6f64f65d90659d2edf7326b50c7280a4d4672876dc0afb6763904f2ac72db128

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
414630483:9
expires
Thu, 19 Nov 1981 08:52:00 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A1A6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1783011
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SR1T5iyN3JnI04H1xetsrHrHZEED8D5VHVINZxJU42AsmcawFVBTuMJf0Y%2BEQhm47bg5VFvnAPRa9Sa%2F75xSv9e%2B7cj555liMspnhYFaPev8Hm6q%2B3Fc2PElAyCz2w1xcZQI1JwKJxynqv%2BKGxm3WOdO"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c23531a49ab3760-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame C5CC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246658_0b9d7dee25.jpg
zn3.2xclick.ru/img/400x400/658/ Frame C5CC 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/658/1246658_0b9d7dee25.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
ccd0d28962618c48f75fc894dde961d87f9bf9c1a45ed23e0ffc27eabcad7bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 12:06:42 GMT
Server
nginx
ETag
"61c46652-aafb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
43771
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1169373_a92fd42263.jpg
zn3.2xclick.ru/img/400x400/373/ Frame C5CC 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/373/1169373_a92fd42263.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-bottom.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
905466c4c23e5a91083c0e4547fb6c7c6d35adb11f3f4e3d64be8198b7545cd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 29 Jul 2021 04:52:58 GMT
Server
nginx
ETag
"6102342a-908b"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
37003
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1153108_a465e98b7b.jpg
zn3.2xclick.ru/img/400x400/108/ Frame C5CC 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/108/1153108_a465e98b7b.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-bottom.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
c4e0888c40cfca458708441e611877ea3facd789ffc92acf54a49cc45982d833

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 30 Jun 2021 12:48:05 GMT
Server
nginx
ETag
"60dc6805-87f8"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
34808
Expires
Thu, 31 Dec 2037 23:55:55 GMT
0.gif
x01.aidata.io/ Frame 901E 		0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngCY0OO_TO0Ag==
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Thu, 23 Dec 2021 17:31:36 GMT
userbind
match.new-programmatic.com/ Frame 901E 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=gnezdo&id=uZQlT2HEsngCY0OO_TO0Ag==
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:38 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
AGNRClfj5WfyyWw8J-7ebRg
fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/ Frame 901E
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsngCY0OO_TO0Ag==
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsngCY0OO_TO0Ag==&tuid=-6280346572
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AGNRClfj5WfyyWw8J-7ebRg
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AGNRClfj5WfyyWw8J-7ebRg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AGNRClfj5WfyyWw8J-7ebRg
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/ Frame 901E 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2HEsngCY0OO_TO0Ag==
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
125
x-xss-protection
1; mode=block
expires
-1
preuJIPZheUKedacC0sm
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/ Frame 901E
Redirect Chain
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2HEsngCY0OO_TO0Ag==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/preuJIPZheUKedacC0sm
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/preuJIPZheUKedacC0sm
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/preuJIPZheUKedacC0sm
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.19.0
content-length
0
/
fcgi5.gnezdo.ru/e/ Frame 901E 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=https%3A//newsyou.info/&du=https%3A//newsyou.info/wp-content/themes/newsyou/ads/zaglushka-bottom.php&tizer_id=10138&r=0.45161500546188194
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=windows-1251
frame.html
ad4m.at/ Frame 0A67 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires
Thu, 23 Dec 2021 18:31:38 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
1992625
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9WA8ZhoYoWO2sCYPzTrIs6mJzZlNOVJGqM%2BDr4Ph7i5%2F8GsCMCKDnS%2B2PyPbrp9DZIo7M7k0nR%2BO7Bn%2BYncMzTTll3tjgwve32W28BBVBdGVps%2FTc3HGLpuVq0AzAi%2Boi3l5qw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c23531a893f8bc3-FRA
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 392E 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h2byxq689ckdpcavqw4nm140v0jabmxezwz8wk21p1gk9f46v3549jct96zzjwqn6762gbhkcrpwx9qcxdew98brg1c3qzc3d68xfaxvxy344ntb9jpv2639y7cnb6tdt8ykywrjhtamfw17yg2184d85dsatf487jfymdtqy7504p06e0p942m68df9a78adafrzxp95486r55x1858nzvxv5ege2h00bksqrefkyhwh6chp3egdm8tbm4ae25q0m5wcdw7ac48kxdxdv91jafht4rrszmvhpnnx0mqm65q7dg2we6ca02azw7rj99t07kty3nf7xp81hj5xe56et9zbab720heghqyba9vv56zk6fpqqmc61ypnybhjtg4vs061wzj2pdnktp6cbpts3eez04ha685w09axjfr1mq0zsj667ha&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h2byxq689ckdpcavqw4nm140v0jabmxezwz8wk21p1gk9f46v3549jct96zzjwqn6762gbhkcrpwx9qcxdew98brg1c3qzc3d68xfaxvxy344ntb9jpv2639y7cnb6tdt8ykywrjhtamfw17yg2184d85dsatf487jfymdtqy7504p06e0p942m68df9a78adafrzxp95486r55x1858nzvxv5ege2h00bksqrefkyhwh6chp3egdm8tbm4ae25q0m5wcdw7ac48kxdxdv91jafht4rrszmvhpnnx0mqm65q7dg2we6ca02azw7rj99t07kty3nf7xp81hj5xe56et9zbab720heghqyba9vv56zk6fpqqmc61ypnybhjtg4vs061wzj2pdnktp6cbpts3eez04ha685w09axjfr1mq0zsj667ha&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c23531ab9ba8bc3-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 392E 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h2byxq689ckdpcavqw4nm140v0jabmxezwz8wk21p1gk9f46v3549jct96zzjwqn6762gbhkcrpwx9qcxdew98brg1c3qzc3d68xfaxvxy344ntb9jpv2639y7cnb6tdt8ykywrjhtamfw17yg2184d85dsatf487jfymdtqy7504p06e0p942m68df9a78adafrzxp95486r55x1858nzvxv5ege2h00bksqrefkyhwh6chp3egdm8tbm4ae25q0m5wcdw7ac48kxdxdv91jafht4rrszmvhpnnx0mqm65q7dg2we6ca02azw7rj99t07kty3nf7xp81hj5xe56et9zbab720heghqyba9vv56zk6fpqqmc61ypnybhjtg4vs061wzj2pdnktp6cbpts3eez04ha685w09axjfr1mq0zsj667ha&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72213
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcvzZlIZ6GjxB3Ac53YGRxcqYoUPoTYzMnEgHK5IRZentdMq2rb0LRBBLeSUGy7im2KklDUElL2Htnai6Ed9GIzBw1DwDhDNaqB%2B396AHroE9mHxFqHifQiBy5fLzy91eGS%2Bw8w%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Wed, 22 Dec 2021 21:28:05 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c23531ab9bb8bc3-FRA
cf-bgj
minify
pixel
cm.g.doubleclick.net/ Frame A456
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGNVEFxopzAvLMAzWmSPoRg&google_cver=1&google_push=AYg5qPIp2JT53YYF9tQy5ohb3utB92PljkcgGMMZuqvmijUKmkLPrkulv_...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIp2JT53YYF9tQy5ohb3utB92PljkcgGMMZuqvmijUKmkLPrkulv_Jm2Psw8Q1kjVrO81mHXBL-gwFmNE890uGwIiKYy9OVdBzfzzYil35L_chN0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIp2JT53YYF9tQy5ohb3utB92PljkcgGMMZuqvmijUKmkLPrkulv_Jm2Psw8Q1kjVrO81mHXBL-gwFmNE890uGwIiKYy9OVdBzfzzYil35L_chN0OyEt0hnFvUKJSVZTixL65fqovhmO7eLvMEf798&google_hm=nmfmJk9_k4nXLYuXzC-a0A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695492&bpp=1&bdt=758&idt=1733&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=2e6df8k4Hc&p=https%3A//newsyou.info&dtd=1736
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIp2JT53YYF9tQy5ohb3utB92PljkcgGMMZuqvmijUKmkLPrkulv_Jm2Psw8Q1kjVrO81mHXBL-gwFmNE890uGwIiKYy9OVdBzfzzYil35L_chN0OyEt0hnFvUKJSVZTixL65fqovhmO7eLvMEf798&google_hm=nmfmJk9_k4nXLYuXzC-a0A
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A456 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LgCAfzcaHlcU8y-2_zuL3xTlcGQrjL
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695492&bpp=1&bdt=758&idt=1733&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=2e6df8k4Hc&p=https%3A//newsyou.info&dtd=1736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
eb2b18f312ce68e-1640127036.jpg
ppvesdfiojol.com/upload/202112/f3056ff7e7a93911/ Frame 1180 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/f3056ff7e7a93911/eb2b18f312ce68e-1640127036.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
bd2e20285449891e71d348ad6ef598cb72e93b68c77347ec09ccf77d26e13c46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
last-modified
Tue, 21 Dec 2021 22:50:36 GMT
server
nginx
etag
"61c25a3c-43e1"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
17377
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
414630483:10
truncated
/ Frame FC05 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
487312589f6fa950afa50d4adc93f87826f191b7f72ef80c0c456ef94c344998

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
enr
dmpprof.com/ 		2 B
352 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/enr?href=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&title=%D0%9F%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%82%D0%B8%D1%82%20%D1%81%D1%80%D0%BE%D0%BA%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D1%8F%20COVID-%D1%81%D0%B5%D1%80%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%BF%D1%80%D0%B8%D0%B2%D0%B8%D0%B2%D0%BA%D0%B8%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length
2
internal
dmpprof.com/matching/ 		142 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=10&href=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&title=%D0%9F%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%82%D0%B8%D1%82%20%D1%81%D1%80%D0%BE%D0%BA%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D1%8F%20COVID-%D1%81%D0%B5%D1%80%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%BF%D1%80%D0%B8%D0%B2%D0%B8%D0%B2%D0%BA%D0%B8%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&dmp_print_id=75f67d020a6c2c4561d1ca4670345b0a
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c8c988c79598cda1ad13c85b07b9360ccf0ce6197d3230a33191bcda60e435e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
142
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1996 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:38 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1996 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1996 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 18 Dec 2022 17:31:38 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 1996 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 18 Dec 2022 17:31:38 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 1996 		43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Od_xSjj2cteF0duQwACGDXUXwgTvULsk6GUqD_2GHGBxKnnI20n_qsVwYXfk9Ig8p70Gm7Fk0kSgGSHxJ_zYTl1FerMVivH5upXXyDLiaR7nWka1KK9ex_n2EGYzgdquOSgKHtxt-iN-g4oTLy8K8K8hlEgBk3U2EN-A6XqZhhUwjFFoQExc7uwPnIvvCgp-QEURt2jjFtKD8kSVRmnVsfF173YgEhIJCJcCfVWX14Rk4uTxc3Q3YsFNYtAQp4HYYDRvCuzAfdwzHoD0gZj9xdDWepIsYqArv6sPg04Hg2GcCcGzWHrHo9RzpWSguxZQj4K4h8PWqCI_QwkSrL7L2saTuPKJJr54jGVFeMw3eVP6YYVS7J7GD9witDv2nh_3oQb9hydUK5PsVw8y1pj3WaPdtUmAk5x3ZESE4TlipxyOg2U_4cjnC5TQnFEyt3DGiBfjXA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5257
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 068A
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGNVEFxopzAvLMAzWmSPoRg&google_cver=1&google_push=AYg5qPKM1s7DhC9W_leXvgMuLFLuvmetEL52KSO1s4vNrZrAVYH0D29ILc...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKM1s7DhC9W_leXvgMuLFLuvmetEL52KSO1s4vNrZrAVYH0D29ILcuGQ52WJM2c56zEJnjIS48UP77wJ1A-xNTRt2zPA05VQYjRCq6sm7k0kUIZw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKM1s7DhC9W_leXvgMuLFLuvmetEL52KSO1s4vNrZrAVYH0D29ILcuGQ52WJM2c56zEJnjIS48UP77wJ1A-xNTRt2zPA05VQYjRCq6sm7k0kUIZwHP4UsjLWzk85AfzeA9ooikGwHli9frfhYNtfA&google_hm=nmfmJk9_k4nXLYuXzC-a0A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280697&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695491&bpp=1&bdt=757&idt=1687&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=DIu0AyPMKN&p=https%3A//newsyou.info&dtd=1711
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKM1s7DhC9W_leXvgMuLFLuvmetEL52KSO1s4vNrZrAVYH0D29ILcuGQ52WJM2c56zEJnjIS48UP77wJ1A-xNTRt2zPA05VQYjRCq6sm7k0kUIZwHP4UsjLWzk85AfzeA9ooikGwHli9frfhYNtfA&google_hm=nmfmJk9_k4nXLYuXzC-a0A
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 068A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LgUSPUZDlv4bmQKWEY8-Xqw7zV1Rax
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280697&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280695491&bpp=1&bdt=757&idt=1687&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D058b34fc61944f3f-2227c60e0dcd00b3%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=7854390752414&frm=20&pv=1&ga_vid=1593547459.1640280696&ga_sid=1640280696&ga_hid=2126856665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434&oid=2&pvsid=636726847683523&pem=661&tmod=662&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=DIu0AyPMKN&p=https%3A//newsyou.info&dtd=1711
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 392E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1783012
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHwl95ih1jHg%2BuQwvZzbT1tVZXI8XvrABZcQRRD%2BIlrMC7cBGylcTutfo1loWPitP5IdzQUWd3TPIl5adz74LA4GxnMMd1rqSseqX0REKUmO6Zg9nuRN4ujGwiTmwzwdoffXJ%2B2qHuawiaBjqbvXlZQ0"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c23531b6d2e5a25-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
frame.html
ad4m.at/ Frame 3311 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires
Thu, 23 Dec 2021 18:31:38 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
1992625
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9hOK38gzM9c0Y0uwndpK23p95DAHkE3tML7XNXC0FzN8QjJ1ItEitKVhHdVtBx24NjKXHCsuBbwJS978J3CMbeY%2Bi%2FSfrQgrOqiV4sQFmX4mhCLTLn8EYxI%2FsWe6ES25prYwjA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c23531b6b698bc3-FRA
content-encoding
br
bc5d9888511b477f8bb2e25a5b427f52_museocyrl-300.woff
static.criteo.net/design/dt/ Frame 1996 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bc5d9888511b477f8bb2e25a5b427f52_museocyrl-300.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2fe96ef95f0ef87759dd5ee2cee663219fa46363e2fbe34aacf66cb0ff6e575a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
last-modified
Thu, 28 Jun 2018 08:44:38 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b349ff6-b498"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:38 GMT
481598564da646f69bf741ec80763656_museocyrl-500.woff
static.criteo.net/design/dt/ Frame 1996 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/481598564da646f69bf741ec80763656_museocyrl-500.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f987b7beba9c09d83e550788b3dc5190d20c705f744fcedb14a541211b5db0ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
last-modified
Thu, 28 Jun 2018 08:44:38 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b349ff6-b5a0"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:38 GMT
/
m.mixadvert.com/show/load/ Frame 5C84 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=5709&id_name=YQhAo&teaser_name=EEEeGqS&block_name=qiFHRB&ban_teaser=&r=0.8989887073514837&host=newsyou.info&ref=https://newsyou.info/
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5709&r=0.7266763893708588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
70579a52ec2778d10dc5bf83a705218aaf74f8568e7f6196ea7ee06de21afc40
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1996 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
667041
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCZxLFv9ixBnE3knnltUQm5xzFOYOeO9b6Z%2FELB8uI6GU2TZY00rCr9N72bIzBfBos3ajYvFB0m4A%2BjGs48dkdI%2B9XjbRBdbdgl1IGAgf%2BL1jwIfMfR5%2B43tvA%2F8pRqKAFilxo9OLKYzPtFl1%2Br8it3t"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c23531b8b56375c-MXP
expires
Tue, 13 Dec 2022 17:31:38 GMT
animejs.js
static.criteo.net/animejs/ Frame 1996 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:38 GMT
53151d0b72594c8a86b0e712c70fc29e_cpn_300x600_1.jpg
static.criteo.net/design/dt/3018/211108/ Frame 1996 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/3018/211108/53151d0b72594c8a86b0e712c70fc29e_cpn_300x600_1.jpg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
718dea75aca724482dd10ddb8db6c7db5cf12d8592821eedc2f544d22ebb904c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
last-modified
Mon, 08 Nov 2021 09:39:02 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6188f036-5054"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
20564
expires
Sun, 18 Dec 2022 17:31:38 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=268&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2Ff5aeb75966fa423aa72c4303d62e50ae_logocon.png&v=3&w=596&s=N8cu0ZexYG_tfd9QTeoqZ-TH
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2394ed8ec6aa08e4aaf25a09179a7afac88f0669a0b66c8d6e8be3485cc74dde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 10:29:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
198114
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=30908028
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
18751
expires
Wed, 14 Dec 2022 04:03:31 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21241165-49jLWoSL.jpg&v=3&w=800&s=zod0gxMJv1msS2Mb0vNuqJjy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c450f4419a73ab06aaae1220e35d5e3f591ec2bac0df3022a35957cea2f0b019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 07:00:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
124254
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=546312
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
12190
expires
Tue, 28 Dec 2021 14:45:57 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1628184803%2F21195540-L7rl9R7n.jpg&v=3&w=800&s=MY6lSMT1y6_2UjEtr9vtpXs8&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f0937d59e951f9d42c0310cacb254db635a47484e629e422c89e26d6c66855a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 03:20:13 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
137484
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=539900
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
26660
expires
Tue, 28 Dec 2021 09:18:34 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F18263402-96fKFitm.jpg&v=3&w=800&s=zrT2OtAgyUizISSAeiqimHnc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
8979dc16b9b5575e7bddafe0e522d75f67389d497eee79e681d36acf3de40f5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:47:22 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
557056
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=604702
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
15482
expires
Fri, 24 Dec 2021 06:45:44 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20230149-AUvAnUzd.jpg&v=3&w=800&s=DJzHmstEQ7F2y_Np1-ETTXtn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9a3f9f49a9ba57c33ca230ee9e8a99022b4f8ac7219bb522c6e77a52f3e5fca0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 07:10:12 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
37284
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=545423
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
26034
expires
Wed, 29 Dec 2021 14:40:37 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21159367-Ol93bE6s.jpg&v=3&w=800&s=HtU9r7sYtRBPH_5UyDTd2LZb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5074feb779719afee7ec1f9e99856af18d46c89e90857beca2c9525186a84d78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 00:40:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
492646
vary
Origin
x-cache
hit cached
content-type
image/jpeg
cache-control
public, max-age=557156
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
34031
expires
Fri, 24 Dec 2021 11:26:48 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1564408437%2F19224515-ZAt5XSBg.jpg&v=3&w=800&s=Km-gvKBPwpNMuM6wVYLvPJlq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cf54b8a53344f53566d1ea2e98d67c2ddeb7db24e3c677fe05ffdf429fbd0637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:28 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
68
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=163335
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
8452
expires
Thu, 23 Dec 2021 10:56:56 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17166900-C6f4Qzgl.jpg&v=3&w=800&s=CFFyPj9n8ccVDkYrJtqpIZUd&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f6df7b488b1ab42585bafc529260e7c3c570814468941d1661eeb99a9412654c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:22 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
75
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=513676
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
5586
expires
Wed, 22 Dec 2021 07:50:22 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17234144-MX5Vi9im.jpg&v=3&w=800&s=4JIA-sRpR2nHZ0JIluXhgPNk&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
04026b43c27c2978b610d664e3de5af55117c1db2398e526431d6ac5ae55e381
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 00:22:31 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
320945
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=420960
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
3464
expires
Fri, 24 Dec 2021 21:18:32 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1564670734%2F19227760-4YEDiJM8.jpg&v=3&w=800&s=6H_Bl8W3TkhoJXDaxuUtek3_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f8f74f1f91a40d18dd712f6885477847d1cf5003f806d342ec01d3504a31354d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
52
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=602803
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
10850
expires
Thu, 23 Dec 2021 08:50:02 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1627571292%2F21187753-qsOhJSIj.jpg&v=3&w=800&s=X4v7q2dZ4G3a6z-xIb4Np_iV&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
856ce219bdcd760fdc25dde2a71706432f91cf992090c23c5bcd9993307b1963
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
38
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=600046
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
7970
expires
Thu, 23 Dec 2021 11:28:08 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F13085840-MjlL8PdS.jpg&v=3&w=800&s=Oqsgc6gCPcddYGm7S90Fm3xq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3b2f3e81a7c76f1a46ec3aa9d933f2255b8f50e5a708078ab2e51e0f532adca0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:28 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
9
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=514843
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
6534
expires
Wed, 22 Dec 2021 08:29:00 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1548250199%2F19024234-gjYc7GyH.jpg&v=3&w=800&s=b_-5iGhQcuCyO7JRQBLYJVsn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1afeb90b7b49b18897794e5743885be1548cde4ee2866664c4c1af2bcf88a424
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 15:57:13 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
178463
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=589776
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
25558
expires
Tue, 28 Dec 2021 11:46:51 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		354 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=udlF2dvpi5ijHI7Drv9lLjiT
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 08:55:15 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
635782
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=27649477
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
354
expires
Tue, 01 Nov 2022 09:19:53 GMT
img
pix.eu.criteo.net/img/ Frame 1996 		117 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fimages%2Fstarrating%2Fstars_empty.png&v=3&w=400&s=Ild84cA9shGOZ5RLPR0GmaTD
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
40af400e8c91f02188ba45f50e2fcfe9e0551221d23bf002f8ad1ee7c8cae18f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 09:05:15 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
635182
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=29377994
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
117
expires
Mon, 21 Nov 2022 09:38:30 GMT
all
csm.eu.criteo.net/ Frame 1996 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=uf2mjdua4j8TotWVO-Zyfu07ySFdDFU__ToeV85hmlqJWn9abmIyAMKh-N-zv3y24zW558OPfXFD6euA-yLigzZUhojX1JhAJ_hZRqYRgYZsEmXriJeBvVdUN2vlLJ1tQKvAbrYTFraXYpzpC7RurWV7r7qL1w1FGqfJvtr2ZvAXDRAvW0JXVibs_UvjD-Sg36HhOWnOx3w6cBXu5koub7qMDCtkFNj3-yA8F3KmM0ib1wikOIhQDyVYeRAjosAQHYMrR-N0sqivgNg_&sds=2&rev=79924&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:37 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1996 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:38 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1996 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeQAE95AGrTBqAAGEk3xl2bpyp7lk-3wOBQ&u=%7CA6LRkozBELikN2unz5CuvXFSYUaFR6ur19SFB24e89I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVjmFRWH_mVUpQww1DvqU7Orta-sdG1saaEt3O8COgoCNdGjWSP-V5sTQY1nIJRznGU6D93cfjuct0svU8G1MKCTSjD_mSmU66aweLMyOozyCmgvoMc_cwVibu1xbjCSh2P1ZPLx70Jn14fuk_eKqfdG672pB_YjmZ-LEN4UrEJ8dTQpV6NykCucsCX4UMIs3tYfvwakclosX8CEHmDe52ZzviAdeSVWckJs279hUbW99dgo9t5sevRzp3kEaRESO2L6GB8ifuwgnJuSMIOTdRWiM4ApeUtiZudhHaOqhmGUhDVN6A2_QgnO5iZ8bcS8k0pK6_JINSMI5pnAgEWCnLtON7wyAqamzg3Neov9mJ2g9eyj4EVMhtU5fu1sr4p2f5P1Exl05ZjErTEXsG9RYcsKEMevzlOsYtl0gRX2vf2KpnRfCIke5CpdEKKSIt_5ApHBx-fj-9bXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4OzIebLEYZDvE-rgtOUPk4mG8A_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEjgJP0O6CSouS102btGtZd11B68W2Vj7TevYMA7lKvMbCEFE6s24BshkR0hvrEqFYubHJkUETmc1tMGTenoz8M5TF_RKC1vXjgL9FOwfPJZ8y_o1hcD8OyeIteP6kMbTv32U_9THYZZ5nM3FnoIG62TycR_pXGGymsogIfHJjF0sm_7mW_3eh-Vfn83BIxTcFRvpGVE9i9SSAPe7YnfkaAidZSHBihUnhvVbwNbmgjFGco1w3918z3dXmhoDfTmhPOfiklNWgQUDiypLgsNKBAO9j6MK6VIJHRuHakVg4sCGSyaYzlI_70-NXxQ5vDysimbxGyLIBcjGkhz9klhuvZEATvHNTN76IUDSQYukHHWKABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rLMr8kJWlcPYvBcUQvLczVcwjag%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:38 GMT
demography
prodmp.ru/pclicks/ 		3 B
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks/demography?domain=newsyou.info
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.95.134 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 23 Dec 2021 17:31:38 GMT
access-control-allow-credentials
true
server
nginx
content-length
3
content-type
application/json
38170-438579-KGr.jpg
i.mixadvert.com/8174/38170/ Frame 1180 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438579-KGr.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
321456ef8ddd049980ddcee8a96bc9892d8d17e8e0eee70221b1f756f09f000b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Tue, 30 Nov 2021 11:30:40 GMT
Server
nginx/1.12.1
ETag
"61a60b60-4b0f"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19215
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438578-259.jpg
i.mixadvert.com/8174/38170/ Frame 1180 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438578-259.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
06f30235522cd456e8b6d72ee66ae4897d07afdf3df24cf30121714a793e2157
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Tue, 30 Nov 2021 11:29:43 GMT
Server
nginx/1.12.1
ETag
"61a60b27-5d4c"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23884
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438575-5yf.jpg
i.mixadvert.com/8174/38170/ Frame 1180 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438575-5yf.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
5b185dd40d4ba895e3f8afae356188fdc6d199d58c0b8488c78017e1ab678807
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Tue, 30 Nov 2021 11:27:51 GMT
Server
nginx/1.12.1
ETag
"61a60ab7-62ef"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25327
Expires
Thu, 31 Dec 2037 23:55:55 GMT
block_head.png
mixadvert.com/images/logo/ Frame 1180 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/images/logo/block_head.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.site.badvps.com
Software
nginx/1.12.1 /
Resource Hash
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Fri, 17 Jul 2020 13:11:36 GMT
Server
nginx/1.12.1
ETag
"5f11a388-53bf"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21439
rs
ad4m.at/ Frame E403 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab57c993f9bec3e2dd09d19bda6798a7f425d6e0a8ef02235b29426945e4f75c

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c23531c69f5145a-FRA
date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctkYAR%2FO9JBt6bACAomTMfwSzFLF2Gv9f6fjPFiQ7JOds0wTBAN0umttl857IXACaoyCbdmA8CROXJj1dkT7kXAq0jdvLjvM9tKke99TY7s%2FgnSkOG4bZgEQ0SjW7Q%2FTWpVcnPY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-ztbd
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-ztbd
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSgi4WJ9La5K8wCMJ8i5XP6t8Ki20yasjHTuSluJsp%2FlCzIKeIJHXdVSaVCAwCG2kqdO4bYtyi3h77lgh88q7VoVrE4%2B9LBkGduKrr4Td3Pzxu2nFHvdx11vUOatFAF0EKtWOC8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c23531c39b4145a-FRA
rs
ad4m.at/ Frame A1A6 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b89ecf2f1c82dd24767bf40b899e44a7f68c30ec08ed836ad5a51683d470c9

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c23531c9a52145a-FRA
date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9Z4P8yrlJ8GqImZAbOl8no5VrSuKZcLsAwJDbi1KNBZcdI7H7%2FTw8tmI6SgDCtvWYyrVE3017HcBpaJoPA78hym%2FRkqfNYcoCwt2is%2B86S1b8Nb5IlLQKG3azX9wXgbYeg2wpE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-ztbd
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-ztbd
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4hVK98ggfUbFi5Ieok7tWQxWJyP%2FtEZoyhfVF40t6%2BmKHF2ATPXwDr9%2BKpUbLtSPkcb3NJpdaTGUNzLJkdVBUPVotFsTyt6dXU8aCbGlOPa9V5XSm5bV2CF%2Bhra3U%2FxcY3%2BfTM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c23531c59d1145a-FRA
css2
fonts.googleapis.com/ 		6 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap
Requested by
Host: vcmjf535tx.ru
URL: https://vcmjf535tx.ru/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:11:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:38 GMT
truncated
/ 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8dc66a646d00dcaa6a2204e194a8b209b9c5bbf6251b4f93b9824c62ab51317

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
d0361c3202ab9a6b.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/d0361c3202ab9a6b.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
f4fcea89d430967c0e79d7d860cdc150b8171e52f55b2455509535a9c7d5290a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
last-modified
Wed, 22 Dec 2021 12:55:06 GMT
server
nginx/1.18.0
etag
"61c3202a-71c5"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
29125
d0361c32065b4e19.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/d0361c32065b4e19.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
82c3ed6ff4ab2a922e388aa0ae0894d86036393ebff63f2e7e74efa9f708cad5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
last-modified
Wed, 22 Dec 2021 12:56:05 GMT
server
nginx/1.18.0
etag
"61c32065-7699"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
30361
truncated
/ 		526 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b267a4cc065aca882faaa89c18de0dbf47ed477b17aa66cb4e7b0a7ec0500de8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
d0361c31fee1b24a.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/d0361c31fee1b24a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
6804acce8caf4034e76ca17282755c64641e3d54ae4c7f6218d059d076cb9e22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
last-modified
Wed, 22 Dec 2021 12:54:06 GMT
server
nginx/1.18.0
etag
"61c31fee-a2b1"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
41649
d0361b8fbc2a3862.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/d0361b8fbc2a3862.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
4af9d6205e6e709dfff2aed32006a5ad62a2c730b7e43d8a0968a718b69c75c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
last-modified
Tue, 14 Dec 2021 20:17:06 GMT
server
nginx/1.18.0
etag
"61b8fbc2-52eb"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
21227
d0b6182b6785e11d.jpeg
guepslka.com/.cdn/05a5cf/6512bd/2fa32ae2c78a49de93dbab7a8a3f5f89/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/6512bd/2fa32ae2c78a49de93dbab7a8a3f5f89/d0b6182b6785e11d.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
cd919786e58a29bed6ae038fd3e7f514232525798fc80a3d1127a5d6c5c103f4

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
last-modified
Wed, 03 Nov 2021 16:19:04 GMT
server
nginx/1.18.0
etag
"6182b678-5021"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
20513
38170-438578-259.jpg
i.mixadvert.com/8174/38170/ Frame 5C84 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438578-259.jpg
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/load/?id=5709&id_name=YQhAo&teaser_name=EEEeGqS&block_name=qiFHRB&ban_teaser=&r=0.8989887073514837&host=newsyou.info&ref=https://newsyou.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
06f30235522cd456e8b6d72ee66ae4897d07afdf3df24cf30121714a793e2157
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Tue, 30 Nov 2021 11:29:43 GMT
Server
nginx/1.12.1
ETag
"61a60b27-5d4c"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23884
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438579-KGr.jpg
i.mixadvert.com/8174/38170/ Frame 5C84 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438579-KGr.jpg
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/load/?id=5709&id_name=YQhAo&teaser_name=EEEeGqS&block_name=qiFHRB&ban_teaser=&r=0.8989887073514837&host=newsyou.info&ref=https://newsyou.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
321456ef8ddd049980ddcee8a96bc9892d8d17e8e0eee70221b1f756f09f000b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Tue, 30 Nov 2021 11:30:40 GMT
Server
nginx/1.12.1
ETag
"61a60b60-4b0f"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19215
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438575-5yf.jpg
i.mixadvert.com/8174/38170/ Frame 5C84 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438575-5yf.jpg
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/load/?id=5709&id_name=YQhAo&teaser_name=EEEeGqS&block_name=qiFHRB&ban_teaser=&r=0.8989887073514837&host=newsyou.info&ref=https://newsyou.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
5b185dd40d4ba895e3f8afae356188fdc6d199d58c0b8488c78017e1ab678807
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Tue, 30 Nov 2021 11:27:51 GMT
Server
nginx/1.12.1
ETag
"61a60ab7-62ef"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25327
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		525 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e461f1fc8c8c579ce2cfd14d323e118b437217a5deedd3d7e59e0a9d7e944b1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		349 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bacf5d2cdcb9e75599240481a7a703be7aacb54e21cd79eca6f911e1654b546f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc17d109139a33b161c661f209fc503ee7fcf8f7ebbbf3aaf535ed0ab2b8cc89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
block_head.png
mixadvert.com/images/logo/ Frame 5C84 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/images/logo/block_head.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.site.badvps.com
Software
nginx/1.12.1 /
Resource Hash
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Fri, 17 Jul 2020 13:11:36 GMT
Server
nginx/1.12.1
ETag
"5f11a388-53bf"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21439
activeview
pagead2.googlesyndication.com/pcs/ Frame F371 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugM8RvQa3fH69inACO9Fp1Hbj2Fgko2SOq2O8ciilSmgeJ05snQ6nH69SXvNexb0nD4ZwE2nFwbhOdeci-un_0IQ&sig=Cg0ArKJSzBR6gVl2tEWDEAE&cid=CAASF-RoWms3B6LXAUQBhu5X66GBDivRn3Fg&id=lidar2&mcvt=1039&p=0,0,280,580&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1966935994&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640280696156&rpt=1115&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view.php
ppvesdfiojol.com/ 		2 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/view.php
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
414630483:11
expires
Thu, 19 Nov 1981 08:52:00 GMT
rar
as.ad4m.at/ad/ Frame 5EF8 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5107a173d40b8b14d159f4fa3fe5b3f63639f50d233b13bbd07f26cc3583fccc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gat99c74ennwtvg1csymj0yfd2gag457h9q5jcg38pab3b13h9xza6zsnxvpah8nh4p71x1jr7qt02e6r3crtbegjtgc8arcv9y1drw19sfekq2wqbabh95t79qchqs4cwx9xaeykg0crr9kr6kggb81btz5x5vcp9ejxpb8w9x1mm3fhzeq6zdq38rc6m1yhf77mj5bcj0zw96hh2dvsrbhf7ywp70kjajkyrgf3whk5ej6zacyxcebdpern40chax73phxqhpp1e7p760y7g0czc6vf69b869f6yd9sgvwqb8jxytw1ew80vax4w0ed2tmssbcjfx8xcqm8k9f2ntfg7815jb22bd52pm3561axjwta321tr9zze10exrc4gfwja7th35e3h6wwh3c619c67zgkd0cv7fvhtv23em3m2tcss92&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c23531cdf528bc3-FRA
content-encoding
br
enr
dmpprof.com/ 		2 B
352 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/enr?href=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&title=%D0%9F%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%82%D0%B8%D1%82%20%D1%81%D1%80%D0%BE%D0%BA%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D1%8F%20COVID-%D1%81%D0%B5%D1%80%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%BF%D1%80%D0%B8%D0%B2%D0%B8%D0%B2%D0%BA%D0%B8%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length
2
mapping
dprof.site/matching/ 		17 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dprof.site/matching/mapping?uid=cb47997f-3352-415f-ba5e-7172d357ec64
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
17
rar
as.ad4m.at/ad/ Frame 053C 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454499e04d563b58f107957010e4f20cefd912857f82663a48c0b618f12851e4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1heheq88nkye3x7qp9anzw1ttdspbs2997rdqbt5nk509tgbv1120r1dcvmps6q9qdvfaf78capefxp68hp6vzq0s3aqec1mq02j1ghtmdkd82gww0q0yfdjthqx2ncbm2x146zvcqthstmaz9gh3k2erz271qcgws9zarav694qg1bx8k91120a4w1fbdg0ebv5mazr66211xb0tjh14x2nmt9re4hs6jjp4p61tzsxjf3t1gvspb2eh8ghdrw5bs0xh0c5sx7xjk5yh8zw04nh2nzrk7fe15djs8zyvbdfzjqxr8y3bdecc761qm4nzyfqg23ehkrekdkbqh0h2khz02d2mff8p5n4edfzsb9dc1v5tmxzm9yx7tfa3r53rdmdy0gqpesgx2y9hyfcmja4ta1pqf90vaqvwb13sdeea2fmjxx7t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c23531cef6e8bc3-FRA
content-encoding
br
rs
ad4m.at/ Frame 392E 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
895435ec098cfc5f2104cc44548c00dcf4ac85dde3ff48767a1b29e523d0166a

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c23531d2b28145a-FRA
date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNumy33camW0KtsfZyM8mbSwLNXLXaOZsFkJLq7Oz8Oy%2BBlVeufKDZFwqGFVXAvZa%2FaffUI68xNdZVwRdhiExy1TElxmxT6UE5aTtk1GjXsFxODAx9fVP4%2FSWG%2FBQ3neAx3skTA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-ztbd
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-ztbd
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVINrazXwopMMgbQZ03CI%2FAfuVO0BNoRZLAgtqFmjSyo%2B4SY4jxbvrH95Bky0tmAevoZPMSNZvPJzLxcicygj10b%2BZeGlm3d2o2dx%2FXjxyPaozpxD8aAftNupw2nt04cDUQMMLY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c23531cfac8145a-FRA
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 5EF8 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c23531d38138bc3-FRA
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 5EF8 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231481
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdtIU2bd9HJ3PUUMwSg2Y6KTL-nAo_dJ-HZWAVTObKwbmf9DkLQXNAs_azrk7eJ4sEO2bowh1qRlJCPOVTiXH_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=halH5oeaEcmdMAYrflWZO9A6EhJYrzpPD6XF7evsLdBnT%2F3TUAyg3J33qFPxnubHOv7%2B6GQVLL%2FI36RS34iHJnufiDyVZlDGWqlHi%2FzwbIb6KmlL1B596ty%2B%2BcpX1frTaBNI1%2BMzJDjmJX3G"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6c23531d38a068e6-FRA
cf-bgj
imgq:85,h2pri
6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
assets.ad4m.at/product_image/ Frame 5EF8 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c4ce8d34a9daa60952a5e3c77f6a430e87ef15ad67d03105131dcdeb04131d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=xKcLcA==, md5=LqUh6dMvJZgb+FCIIELoIQ==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231468
cf-polished
qual=85, origFmt=jpeg, origSize=29501
x-guploader-uploadid
ADPycdvQyts5EuojQCV65TpDjY7ksV2x8T-7jqbM-4T43w_57X2uLQdsizKt3Icbe3GdLU-_MWDQC5DNzMppBWKQ41U
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15016
last-modified
Mon, 06 Apr 2020 13:24:35 GMT
server
cloudflare
etag
"2ea521e9d32f25981bf850882042e821"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vRIjQqLcWXmbVcx%2BRx3NNPNYCUFj87G%2BXdooqavI4TxQbzVyf7cRSUh00gKGDMZnyLoYZvYRSjk5N39SmQDovQAgDV0Pxh4qqRlSNhafDS9FpVzjzn5uhnQDwmLtbX0bfw0IQX6jYy%2BbV3B"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1586179475532187
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
29501
accept-ranges
bytes
cf-ray
6c23531d38b268e6-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.o2online.de/nws/img/ Frame 5EF8
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122318313860669266455X117679V1226132702MSoneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidQzzC9Ba...
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202112231831386066926...
43 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266455X117679V1226132702MSoneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266455X117679V1226132702MSoneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 5EF8 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231517
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdua4HE5tgYL9XtK-eiTvniYjScFLiCFlKUT9qVyd9WSxZd_ObMXnHRkFnmvhe4hv-lU5Cwb4kNVBciqormPRIs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UntOvehuyYEnrg2%2FY3CMq83JgRdG0U0VT3nSh4BMIygoImqjqistOJOGBI3Uv4Mt5G5MzCR5Ovldn3jE1CWUo61sgUCStw7lVmdkKY3gpVCnxrGEXcXNRSJ9qnzS%2F3t24Xf4KWU6iWaCpc9x"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6c23531d38bc68e6-FRA
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame 5EF8 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231484
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdvulYrDQNUtRxoDFICktszvBld-zumqmU9xDn4fyYnfszA26fzJ2NfXO2rFBYElUh5ZQKFvMfk-nQj1PrGuhQwqjXpKBA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1egbOkLHkCKhFJTcxkUUHihDnw5FSP%2FDFGJVoshJr43ptQm0rM17IIhGH2fckrivpseWYSc1EIo1ha2sgMr92HFjgj9MuRTxkdTCk%2F9NfKKp%2FN1OrZ%2BTwJfuIpGy91khvt%2FBYteMU9Nuw6gM"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
6c23531d38c468e6-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.blau.de/nws/img/ Frame 5EF8
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_con...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122318313860669266443X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidQzzC9BaT...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211223183138606692664...
43 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266443X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.blau.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266443X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 5EF8 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231485
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdsBhB4SVbJUId60_2wHZUuWtHjLMoe6bTHlFfyjCEmZdEXkw_UjuYWIUZ_IKN87qb1Urx01sOoLtw5CjdqWHx0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zp7iVxMv3%2B5JGOh1cM90QXm1V94fhMwJ%2FONFab81UmocxwlIK8YpxIWHnHJ%2FlaEcO39HQx1E%2Ff2EKwo%2BVsscwTH0gK%2FKXZ4JcPVdoj7HOhKTxeqL1UOLgLc9%2BKnyl%2FUUtnx46mBLZNfi5fJv"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6c23531d38cf68e6-FRA
cf-bgj
imgq:85,h2pri
6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
assets.ad4m.at/product_image/ Frame 5EF8 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=FQtvKA==, md5=fhrs2Vg2w7QpQT0tLI6VHw==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231486
cf-polished
origFmt=png, origSize=128410
x-guploader-uploadid
ADPycdu670Rk0ISPcs7txQwGYIL1NvXNwFkHaqljLnngC8hZQe9GoRcQBXOqPMxMUAPKD1P6hyAQ8mreDGPEoxRJxgs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73694
last-modified
Fri, 10 Dec 2021 12:01:51 GMT
server
cloudflare
etag
"7e1aecd95836c3b429413d2d2c8e951f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FRSiZ3B5QuYzLWhLxnVcvQZ5BWsdQn%2FuhrfeJDs%2B7X1EJ8gxaC57lsUxhNgqEwILSJBjhmQjBj89Xz%2FO7TyNmSaBYp3ZFx18%2BJBfdcaPHWpIFF1kG0A%2B63g91XP5TkSW21QBI59D1kTQmjJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639137711863674
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
128410
accept-ranges
bytes
cf-ray
6c23531d38d468e6-FRA
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 053C 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c23531d381e8bc3-FRA
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 053C 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231481
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdtIU2bd9HJ3PUUMwSg2Y6KTL-nAo_dJ-HZWAVTObKwbmf9DkLQXNAs_azrk7eJ4sEO2bowh1qRlJCPOVTiXH_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIdFUJRwHS9zhhSKeDW%2Flcu%2FUPBmp%2BHsO4crKPlnEYIm7nUTcWMs7rC8SpKlpTHb0pkTdpEZaw1y9JXP9dX7Zo7xShihhZHXUa4Ta%2BJNz8igh9%2FBzDkL7pd7Jasir%2FxgLl2IW1RkSxlgt1%2BJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6c23531d38a968e6-FRA
cf-bgj
imgq:85,h2pri
BC686148DD030E5B6363B95E2B43530596C139B0E0801D1093B854C3C3E888CCB18DFB9C18089FB39D44F7EE9BAAA918E5EEDEB1DB55A3D91E411E85B4639142
assets.ad4m.at/product_image/ Frame 053C 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/BC686148DD030E5B6363B95E2B43530596C139B0E0801D1093B854C3C3E888CCB18DFB9C18089FB39D44F7EE9BAAA918E5EEDEB1DB55A3D91E411E85B4639142
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc7f65ca041dae8328e56172d00958d2cbc86da6495d87f41e5af649ab14658

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=GgFtbw==, md5=1x50pvEeeTFx98g4ha5cJg==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231500
cf-polished
qual=85, origFmt=jpeg, origSize=151606
x-guploader-uploadid
ADPycdsf1iY5agbzb4s0nxoNlFW5wWZDmSWtb2kRMhzJuYZXcvFGJEY5Tu36Xq0uwQxSe5n1JfGJYrdl4blnUWtgGqabnozzyQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24794
last-modified
Tue, 19 Oct 2021 11:55:08 GMT
server
cloudflare
etag
"d71e74a6f11e793171f7c83885ae5c26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wu8tAPL0mZfCO3KLZW220N6Ezt4JJDp27515sBW5VpMkEeQQ3%2B%2FiHUuvUOwdNU2FKfTgAWTyU%2BcuGelgAxPfuPO9EYRPOVV4wT2WBJw5%2BHyPa1vwq6GAJsnQt1Dl8HsVoqgrM%2B%2F6SvKEb3zo"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634644508544717
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
151606
accept-ranges
bytes
cf-ray
6c23531d38d768e6-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.o2online.de/nws/img/ Frame 053C
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_con...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122318313860669266461X117679V1226132702MSoneid23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTgoneid__asuidNnyqjt...
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202112231831386066926...
43 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266461X117679V1226132702MSoneid23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266461X117679V1226132702MSoneid23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 053C 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231517
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdua4HE5tgYL9XtK-eiTvniYjScFLiCFlKUT9qVyd9WSxZd_ObMXnHRkFnmvhe4hv-lU5Cwb4kNVBciqormPRIs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1GsYe6ES9qNVmBc%2BvXH7Sl78%2Fa5IG5eoUrL8AmrgPZB4BjfHcSXYp3bfZHTn1DRghxeuC14UbsMWo574A2QBkp3%2Fg0o9Z1%2B8no6xWk13t2kh3q7lrqSzXE5rNazNxo%2F5O4sdG4wIC%2B2hoWD"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6c23531d38db68e6-FRA
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame 053C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231484
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdvulYrDQNUtRxoDFICktszvBld-zumqmU9xDn4fyYnfszA26fzJ2NfXO2rFBYElUh5ZQKFvMfk-nQj1PrGuhQwqjXpKBA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rghmALKDLZt7iNVtnBUhCGRWRmp9rdDLRO%2BMd9I7J0daBoEX4QQtQrs%2FbEsUK992zlJYlrp%2Fn1kDYKFzNYEOR0yV12p%2BdP87hTvO%2FHjMYSTpvPDkncETcyMZSwmKX%2BXfrsbnpZWgQFh4tqU"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
6c23531d38df68e6-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.blau.de/nws/img/ Frame 053C
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122318313860669266415X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidNnyqjtcax...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211223183138606692664...
43 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266415X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.blau.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266415X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 053C 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231485
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdsBhB4SVbJUId60_2wHZUuWtHjLMoe6bTHlFfyjCEmZdEXkw_UjuYWIUZ_IKN87qb1Urx01sOoLtw5CjdqWHx0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyb8c%2FloXzJIE0eDHIqMNkT%2BL477nZ8MjtFvjl%2BSYelIyCFo6pFtcyDpWZJXzozPpombS9MeN%2Fyi%2BYL69UFg%2FST%2BczRsmmLOY4N%2B9S04GiGUjJLirQ1LXQBr3UfDqdhsEh3brcpCd2rWrMYl"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6c23531d48e468e6-FRA
cf-bgj
imgq:85,h2pri
6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
assets.ad4m.at/product_image/ Frame 053C 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=FQtvKA==, md5=fhrs2Vg2w7QpQT0tLI6VHw==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231486
cf-polished
origFmt=png, origSize=128410
x-guploader-uploadid
ADPycdu670Rk0ISPcs7txQwGYIL1NvXNwFkHaqljLnngC8hZQe9GoRcQBXOqPMxMUAPKD1P6hyAQ8mreDGPEoxRJxgs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73694
last-modified
Fri, 10 Dec 2021 12:01:51 GMT
server
cloudflare
etag
"7e1aecd95836c3b429413d2d2c8e951f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSMtSTfIs2sOAO7MeV4KhC4iv5Hxq%2F7hwMvJdO9kjDgujDfYoCBHsuycg6LmPPEwFEwOTwy4K8bA6f01fGwle2WNPXxukMVMgBEfdvP06cDiyyKCte6TB9sYMzwe5pTPtWuVfDwbRtioD8WM"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639137711863674
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
128410
accept-ranges
bytes
cf-ray
6c23531d48e768e6-FRA
cf-bgj
imgq:85,h2pri
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:31:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:38 GMT
css
fonts.googleapis.com/ 		3 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:13:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:38 GMT
link.html
track.webgains.com/ Frame 5EF8 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
0f1806720713d550367d6ae95a01139cb0db2ce81f895ecb50f4930312a265db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1481
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 053C 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
e12b8e623681bd2be783140447a091eed228c7e3c76f96bdd99c9b4ad295baab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1464
Expires
Mon, 26 Jul 1997 05:00:00 GMT
rar
as.ad4m.at/ad/ Frame D3D4 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be3b3f8bcc205f0f728a2685dee3d14485eeaa47df92478fc27f6b90f314a9c6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h2byxq689ckdpcavqw4nm140v0jabmxezwz8wk21p1gk9f46v3549jct96zzjwqn6762gbhkcrpwx9qcxdew98brg1c3qzc3d68xfaxvxy344ntb9jpv2639y7cnb6tdt8ykywrjhtamfw17yg2184d85dsatf487jfymdtqy7504p06e0p942m68df9a78adafrzxp95486r55x1858nzvxv5ege2h00bksqrefkyhwh6chp3egdm8tbm4ae25q0m5wcdw7ac48kxdxdv91jafht4rrszmvhpnnx0mqm65q7dg2we6ca02azw7rj99t07kty3nf7xp81hj5xe56et9zbab720heghqyba9vv56zk6fpqqmc61ypnybhjtg4vs061wzj2pdnktp6cbpts3eez04ha685w09axjfr1mq0zsj667ha&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c23531d98e78bc3-FRA
content-encoding
br
/
c.mgid.com/pv/ 		0
46 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1640280698567832857303&uniqId=0bf6b&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fpolsha-sokratit-srok-dejstviya-covid-sertifikatov-i-posle-busternoj-privivki%20&lu=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&sessionId=61c4b27b-12751&pageView=1&pvid=17de8592ec8ae544122&site=413933&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c23531e1ad35bfd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
all
csm.eu.criteo.net/ Frame 1BEA 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=NoLbqdua4j8TotWV4RCBNZBBkOE2JlwGD3g61VTK5-XQ928OQhfD9QAFTHdTKSpnm-EcX-h_3M-aLHDe7fsz-sCAvgoGezrFiXVM_U1969PpgX1b0txVonP1L1Sir79w2H74NGlAONukfF0o6tsr3xB3SP8OwyA4m6brdMenLCtDi9WPXLe23b52IZZSl420jrjyldxb9bUnpS-R-O_MbarduvRaobYWn41IHfSxuVlddjMD7sHX5b3qBUUBObK41wQrEw&sds=2&rev=79924&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAC2fsIFUA1AAYpJl5WEgj-vficko1dKA&u=%7Cpz%2BnB%2F%2Bn4uw3qB2jKFcwuahYS5mD1BgEtkz9O6J5X5I%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdC8pbhIwVK3dIDH-Cv-Na_DL1wvn7r-j-1I4GNk7-PmYi6rqfkNTfUsStzh2AZhcoK4IPFMgq-doqb9KrB07Bm4yGoc4cGbdw8_OwcKFGDZxr_dzMFBEKaX8B4ZV2R1NH8nnk_HmNZyFrUPz_HvLE-3exaCs2ci9N2R0vUFry0T9qJZMh4T46hNvmAHAzES_5Q7_mH6rfbEgfIjZSMpYxw-3rqmzPdxyh_S1Re6HaG6l_rLjB4b3Vi1gyNL-RChMQFgmSfGLaDDzlv2A3lJRhru9LWHdKXpDE3rqPmygXTuZVhVooBs0ocyLQFfWUt_ClcXoHsnkEPdU9xJ3mtI-9NnZkevc7_0w0-PtW_XUdhJuaoHMDnt6W0o7omv5dCPWgUbMveHcaBpSuuXNCZfp2i0Ibq0zvv0cJ7rHmef7IERDxiUW_uu6m-UaidmS6f5Q4AdP28Q808wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCQTveLLEYfuzC7WA1fAPptKYWMme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK403JU0PeyPqgDAaoEiQJP0KbfxSs9xOtrzxxU4Esm1J3Yk-KHgY7V0fP-81i0OgG36lozav2fOX3Mpxv0QJCXmn4crfD_ptS4fVs_ZEHFGkQcLO1uXwCV_ugjHnaKXjEz-LZx19UyvxPNYI9ASF2bP-mz4GJvOnTMYaNoRE1nzI_Vwbo_rm4kW2UpZbUkfAzr9KXKsCSWBeGIn6SuWPAeCY9ro6x7qpI_m6UEFhwsGW5Uax08fI5JHVWwJG3cZOumQ6N9SazZgDg0B0K65i4GaJnJHmXoV6Qg6OSQs0oX3hsUinxJr85mLucEGJ5QnC5xeWC2plNHLC_HzONhMi3Crv0WtGZZMxpYyexrSOmpFZrwkPp3cCyfgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jfGpuFLBC5Km5bSZ7GU-oL-3lyA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:37 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame D3D4 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c23531e2a2f8bc3-FRA
cf-bgj
minify
B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame D3D4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=KCmbHg==, md5=qo//b2x9KW8DnVvNoA1SVw==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231489
cf-polished
origFmt=png, origSize=17428
x-guploader-uploadid
ADPycdscMzT355gfSvVKa315d6JuOfUPL6dDnmcmdLYNl3QtMdasAETU7zoG7Y-WnSZ9SmEzicp006oUhvL1oSLYURw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4642
last-modified
Fri, 22 Oct 2021 09:58:13 GMT
server
cloudflare
etag
"aa8fff6f6c7d296f039d5bcda00d5257"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoiLd0BvLKNCenjBf2Q1I5ricUopFSlox7J9pkqP9tPXo9E9tIKUFSH7jPS%2BvIGBo5NQM3TMqF2qNqesot8uOojHwxQgwNfudqNhBWAT9PwWrrjAJv5FuIkHXjM5G3bG4b6aL7FupZ1FsXbf"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634896693300485
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
17428
accept-ranges
bytes
cf-ray
6c23531e2a328bc3-FRA
cf-bgj
imgq:85,h2pri
FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
assets.ad4m.at/product_image/ Frame D3D4 		359 KB
360 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=lmXgQw==, md5=1xHkv3KBHo5uf1DGNNz2kA==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231518
cf-polished
origFmt=png, origSize=565110
x-guploader-uploadid
ADPycdttGuPH0tGGsTzYzi_HZa0bkyncq1FKkCr_SkQDpyipLH002gMAgRRybUjqDFImnL9tF1IG4uybLuB5BTz5CdffakzVVA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
367856
last-modified
Fri, 22 Oct 2021 10:16:19 GMT
server
cloudflare
etag
"d711e4bf72811e8e6e7f50c634dcf690"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyoKNW6EzpUl1eaR7aX3owWbJ%2FBz%2BfXiUaLUwi8cWnVufT%2BbzOi2Kk15UCXgYxC4sLblPCDOk9gG23dCJHTq7HFBaq6KNC0hvzYgsnmdhyrHVR4acOI%2FqwHWjQypbW1p9YQdupvWsyyoTJkR"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634897779481391
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
565110
accept-ranges
bytes
cf-ray
6c23531e2a348bc3-FRA
cf-bgj
imgq:85,h2pri
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame D3D4 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231512
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdtWwmpW-PaJZY0dnkd822pnNX7k033JfgoXtkmRFgGuoCCXv2tAkXIxzUQtlPattvQmzbd6P4gadkbwRoFHXWk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKgvStrgztrOHdMDUAEjG%2FPZIL0%2BaE6ngALuwBAmiYMU1OKMd3X50oUrMHVykreJqfsFtq8BO%2Br3nEeD2KK67epiJSzF3v1Pg5viCJa5qZEilD%2B9voM8TxsEINQ3JFPWIHCyN%2BHhkFBd7eZn"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
6c23531e2a388bc3-FRA
cf-bgj
imgq:85,h2pri
F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame D3D4 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231479
cf-polished
qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid
ADPycdtkYnNyqZGTrUIs4bDjg1vIY92fTtTtJ5jbmJvPDlwEa131Kv16EQqHm0PrNiQXuG_TMliuQ_o0XL2wqYrg7AM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35504
last-modified
Wed, 19 Feb 2020 17:37:15 GMT
server
cloudflare
etag
"9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nw4wNYSYyEOBJtS7YFgAO8kl5dTzrnXShBZsQ757VpNSxv8yQAbTrYhbTseIv36Vnonxc1mlBi7tNZRdXP3FfqJWppXZNED9EL93u4LpBRYjXZCKNcQWDEG%2Fwdb3PUSEyKuN7PQj1dSdE%2FEp"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1582133835673152
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
40264
accept-ranges
bytes
cf-ray
6c23531e2a3b8bc3-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame D3D4
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLr8mOO5-vQCFZTHUQodSIoFAA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRot...
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280699_2fe5a500-6416-11ec-9cab-2239e6ba3d41
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280699_2fe5a500-6416-11ec-9cab-2239e6ba3d41
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:39 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Thu, 23 Dec 2021 17:31:39 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280699_2fe5a500-6416-11ec-9cab-2239e6ba3d41
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
5404B18EC3C42814EC55ECCDAC94D540D07E28DC37C9B2BFAB5ACD0D732F3D3007B5B05DBBEC85F426804F85EE3DC1BB4334F2E31FDEB997FF3BDB393C20025F
assets.ad4m.at/logo/ Frame D3D4 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5404B18EC3C42814EC55ECCDAC94D540D07E28DC37C9B2BFAB5ACD0D732F3D3007B5B05DBBEC85F426804F85EE3DC1BB4334F2E31FDEB997FF3BDB393C20025F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c2021bdac59d8348ce96f8eda3d24c9d1d99d6c60f63e020c6567e39078d11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=/Q/6tg==, md5=wyA5XaMHHJmGLFy2SnfRig==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231513
cf-polished
origFmt=png, origSize=29675
x-guploader-uploadid
ADPycdsmFjfCjDxNw9V-boqB6FitOxRABzpI0ASd-q5evxceu6ld2zjQQa0lvdZ6k4MfCs-bD36Lxm1fKOdoxa4PmWnpEMHeTA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11084
last-modified
Mon, 11 May 2020 08:26:17 GMT
server
cloudflare
etag
"c320395da3071c99862c5cb64a77d18a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cy%2FQ%2FXwELjHU%2BRu%2FwZYQT5vt%2FonwduEa7kN34RVio0vzfNzkmPYXkcmkngIoxtUwKyEdm0GH4pLmZFeiCO5rSj%2FoIF89O5srX4tA%2BAXvZJOBjGvfXz9tSSASOtKWL4bRIVoBcx1WmpPMAdMg"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589185577639472
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
29675
accept-ranges
bytes
cf-ray
6c23531e2a3e8bc3-FRA
cf-bgj
imgq:85,h2pri
9AE8F63960E59AEBA7C87D6EC1BCB3F76BB15CBF908C84DAC0430D19E4DCF95A0C6FDF609CFF5E20F0EC3E37D1C1616A2D3D74BDC25D3D6E4B606E1E2C4F2181
assets.ad4m.at/product_image/ Frame D3D4 		303 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/9AE8F63960E59AEBA7C87D6EC1BCB3F76BB15CBF908C84DAC0430D19E4DCF95A0C6FDF609CFF5E20F0EC3E37D1C1616A2D3D74BDC25D3D6E4B606E1E2C4F2181
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa6f4107b5a29a1b3d1e0fb085191dcd7d8bb9497ae061d1e1304abd20891f86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=1Hb8/w==, md5=hZxXU1RAQV3ntT4Wegq49A==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231510
cf-polished
origFmt=png, origSize=491451
x-guploader-uploadid
ADPycdv0e36FsQkZoBK2yex_tamgC8JE6CG6cJcc4y3xIllzIs84o9X7Vzqt5dZBlXf5PfsuA31PBWF9ANQ5Mebjj2ELRimHbA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
310322
last-modified
Wed, 15 Dec 2021 16:19:29 GMT
server
cloudflare
etag
"859c57535440415de7b53e167a0ab8f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSBxN3sj7YGqBW9LUkNLXF%2BexUgcptnCSgn9wo8JG8Q%2BYwQCS79cy98J0o7WpZS39iu1fALiwPebnIMXXPvRCpIgFFSHlsC57l2XspRXzWEW%2FYvPUZ0n0Kr2%2BWJGZlE4SHAEAaKCRwRJDplj"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639585169260253
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
491451
accept-ranges
bytes
cf-ray
6c23531e2a408bc3-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame D3D4 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2471479&v=10679&q=372055&r=412871&pv=1&pref3=&pv=1&pref3=oneid4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUKoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
mapping
dprof.site/matching/ 		17 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dprof.site/matching/mapping?uid=cb47997f-3352-415f-ba5e-7172d357ec64
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
17
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
HIT
age
5359
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6c23531e5b775bfd-FRA
expires
Fri, 24 Dec 2021 17:31:38 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
HIT
age
5380
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6c23531e4b745bfd-FRA
expires
Fri, 24 Dec 2021 17:31:38 GMT
link.html
track.webgains.com/ Frame D3D4 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3766801&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kgf201fszrtcvk33rwc1n75ptperq2tbdqtn61xdf9zazx42dq364btfj3ttbjf10axcpwe6wffb7qarvngymmgh2haq4yvv7kmc3fkydwdapnb5vvk7mxe5kxap0r2yewjtrq6mxw8qv9hy56w9x6nvpe2dyy812svrrqy8z2gwe36xprpfg428wb2k8z1rwdnczjahy7p0t8wxx2q45edfj138jf98g3fcv8t6ntg57vfgrdmy7tfmek47442drzpy11dzpqy7mxsj415bhexe35w0yqas13djffdzcknavdvjav74p3n%26a%3D&clickref=oneidd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUjoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtVoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
dcbc685b8a1523b56ad0a98003f93be8f0521ddc6aef1bea4d046d095281056d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1455
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 07D9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRcGW7x5_tZug5DXJ1_8x42sSLqwlhFDLfhyyjCAzPpPXt0QUFj0wrCzlb-baOCB_UbQfpdlfEgI0c27GqfGsoeA&sig=Cg0ArKJSzC0ArkUcsgp_EAE&cid=CAASF-Rocn6Krriky6hFVgBJu9MrdeI1O9tI&id=lidar2&mcvt=1010&p=0,0,250,300&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=895116589&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640280697033&rpt=619&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
servicer.mgid.com/1146775/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1146775/1?pv=5&cbuster=1640280698670426622741&uniqId=0bf6b&niet=4g&nisd=false&jsv=es6&w=610&h=123&wrongImageSize=1&p3_w=197&p3_h=93&maxw_3=197&maxh_3=93&cols=3&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fpolsha-sokratit-srok-dejstviya-covid-sertifikatov-i-posle-busternoj-privivki%20&lu=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&sessionId=61c4b27b-12751&pageView=1&pvid=17de8592ec8ae544122&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2616555d253041cf2c947d4a5156563084796b2c9cb07966d88939d60b2d4432

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c23531ebc835bfd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/1024868/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1024868/1?w=300&h=496&cols=1&pv=5&cbuster=1640280698684762534422&uniqId=15791&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fpolsha-sokratit-srok-dejstviya-covid-sertifikatov-i-posle-busternoj-privivki%20&lu=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&sessionId=61c4b27b-12751&pageView=0&pvid=17de8592ec8ae544122&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9476d7e6920afc7f1516f2af4c91bbce909a66c462a8cef4bac868f6a3218015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c23531ecce25bfd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/1122348/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1122348/1?w=610&h=203&p3_w=197&p3_h=183&maxw_3=197&maxh_3=183&cols=3&pv=5&cbuster=1640280698728436559018&uniqId=03a11&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fpolsha-sokratit-srok-dejstviya-covid-sertifikatov-i-posle-busternoj-privivki%20&lu=https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI&sessionId=61c4b27b-12751&pageView=0&pvid=17de8592ec8ae544122&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc6c5df0302e3c8f2b36c737e80f20a8f47be2c3b4095ff553f5330df327fd53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c23531f1a523bda-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pvClk.min.js
analytics.webgains.io/ Frame 5EF8 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
24094
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 10:50:05 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
-X4xmyARDh25rXjLzk4TVMOGXcpKPNyDGmCwcW1SK3GaHMDwr3SYig==
link.html
track.webgains.com/ Frame 5EF8 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidk2BF5f8jMSJezcbCwHetBtkYwSkTjTpGKaRoneid__asuidoCUmw9cQJbp6I3Y2sywKpMClPno1DNftasuid__suite_Mweb_Netmix_Reach103_TopRotaMonth&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C166402%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=QzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0&g=96a3263f5c8f623c035a138a8c212347%2F15492140078610214026&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698331&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j19vhjmh0bsm7fd2wxjfejbka5jx3s81669phdxrqmakq4597ce9mssdg1cmyehbjc61771qjwb09gkx5bg4j2jmq354dc1zyj8hn6629p79rzw175jxxaqcsapxx8388sgy54e6ta72sh8809htt1fw47ypes6q6hhwwcycx2a1c1vhh32tn9a0d6h86v033d7t4bnsy2kryzm40vana2bf57596tsrk87zgjx0dc5nhk4073qxw1k5n40yrcjxhc7nswhth0d446qd6s0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3HS1ebLEYfnyB7zotOUP3POc6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCvoa3jf32sj6oAwGqBIgCT9AJ8XYpTKSb5Ial90oY30fXLi0u6RRpNP0Z5a8UaIMLeo1FtFZCc5yRykxBCBvhmJKdao5gbOgVY4J41Rxkmdhv3luIlEp6T977M0pBwNYxOvsMsyL9r5uRwKeXEUdvTEaPgdUrebVt0qwJZv_fHBZ1sZS6Pew0mH2uotIsbbZCtyp4L-1eAzPjTb18IYpVMHe2t0V1ClOYpaDkFeJU92knUYw8YR_sHft2Z3XfdJ9ofkBmyltoAQ9Iw9GJ8Ikhd6Ne1xEzg4JfnAfSTB7-epsK42akQVad3QFIkpfnWgLndLFW3kAmmzSYGeLzknMkn7vUTFntWi1TMjg6UTPO1IK_iyGaQKNQgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0BZ5lUJP2-kTvDo1-OZXxbE3M9rQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
widget-ssp-performance
c.mgid.com/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=48
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c23531f2a6d3bda-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pvClk.min.js
analytics.webgains.io/ Frame 053C 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
24094
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 10:50:05 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
1C2yGrUE-nXn2nRQcsZR6rtzDYFwkvPQ7vN9jIMdly0ebQSTiiVepA==
link.html
track.webgains.com/ Frame 053C 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidBhA7KpwxuZh-vZksQgBVen3zzrXe_brHasuid__suite_Netmix_Reach43_TopRotaMonth&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19491%2C43784&b=23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CZEgPfGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=fe6f365c2abdc7b5d0c04d6b60ebfbb8%2F11922484804146045645&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698371&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzv52ycr24hpd4ykd3xcs6bvt7cyey74z2p5rahffmcsehaz5bngaqq5mjsztjxx87e2ezv0ef2hnpwp5btv20vgn7qx4pfv3vesjytkxwsk7fgarpk66575n66b2x0jypqqhkhc3qncnv9zbpc5tz6sjar4j40mj9e2x661pfk12cvtmpqj857chjxmcvvmjpr6hy15wenz4qk4xvf7dd92jwhk78r822ca3b1whcn35p1w19t7n5d9ys4mbg6q93anmapdx7f43a94nj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCcvc4ebLEYa7KDbWrtOUP1O-DwAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCWoUNCBAAsz6oAwGqBI4CT9DJrgDJ9g3I6mhiy2T_ysEPs7pVtScCwNXH_9B15CV0jt0ll9K_hs3UA_KWjFF0tT3rPp2DDSXf290SmeJqWaE-wVyPWnc9Lyo7zaNZfRdrti3qpuavK3oL_JYIldGQ6BlRFuLuXo3dlSs6TBEVYoN_njPnA7rektghZxg7JUmeRl_EkHwzvODB_x1IGdiVWwN2Jiocyb7gthxHgGM1xpYvJpqq6noTMPbafJfqsXCf7PyYCgITRx4Do5mIss0JKwwL0VTdcLEEBt7t68mUHOlnoxyxdWGIJBbfDpNIV5iHzLsPI53ZTe0EJJNsmF3q4nkvl1CoptqYqAnr0nbXOTYZq2lt4iRsiQV2IPtXgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3srNk-fIPBk9Bjr5VLiQ0D5znu3w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2YzOGE2MjQxYmM2N2MwNjEzNmU1ZGU2OTRiZjUxMzgxLmpwZWc.webp
s-img.mgid.com/g/11739838/328x328/200x0x800x800/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739838/328x328/200x0x800x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2YzOGE2MjQxYmM2N2MwNjEzNmU1ZGU2OTRiZjUxMzgxLmpwZWc.webp?v=1640280698-JMt9aP5i51tgh4jQzwyrFLciCGUkRpF9UpDjlMnWGZw
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c227d4b3a58b2da51e7f802928dc116792b930de8c90436a5fc77b9cac4da58

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:53:16 GMT
x-mg-request-uuid
ffe76fd6-437d-44bd-bfd8-991dccb01bfc
age
187022
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531f58243240-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21528
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgzMWRmMjMyZGYxMzQ2NzA1YjFiMzRkNThlMmE2M2Q1LmpwZWc.webp
s-img.mgid.com/g/11739833/328x328/281x0x1124x1124/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739833/328x328/281x0x1124x1124/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgzMWRmMjMyZGYxMzQ2NzA1YjFiMzRkNThlMmE2M2Q1LmpwZWc.webp?v=1640280698-xp_u1rmZMqFp4_LHg_OPtS-lFF6NSqd9c_lSkWazCoo
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8a7ef58a18433d97780ef0f3719ed0906fb0b11f4b981b534b21d1f037df2df

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:57:51 GMT
x-mg-request-uuid
9c4fab25-2ce0-4ad6-b79d-1374b1dddd22
age
182463
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531f58293240-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5170
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzQ4Nix5XzQ2MS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZTUxZmMxO...
s-img.mgid.com/g/11739835/328x328/-/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739835/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzQ4Nix5XzQ2MS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZTUxZmMxODk4YWNiMzk5MjQwMDA4YjQ0YjcwMTVkODYuanBn.webp?v=1640280698-BHateFRrLf5tK6ffL2_c91IGQvZg7j6QYuCVLZSr0-E
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ae999bb7da44a39a0f4c1c0395b62ffa08b7b37ce91119e5d2433a1007efec

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:56:01 GMT
x-mg-request-uuid
4e3aaaef-7e7a-4e5f-abca-fe2298f6068d
age
186780
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531f582b3240-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15182
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTRjNmQxZjM5Mzc0MzM4O...
s-img.mgid.com/g/11739853/492x277/-/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739853/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTRjNmQxZjM5Mzc0MzM4OTcxZGNlMWMzZmNlOTMwZjgucG5n.webp?v=1640280698-c_4WVdV8sHczIPNVCpjGbN6wYGPo-d0OtpvOFdcRQrM
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aab942fa2cb8277ee4f869d38dea681d39442f06aa244354f9348dd8251a68d

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid
89f1851a-0e0d-4bac-ac72-8e18ff590956
age
187022
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531f582c3240-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12906
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvM2NmYjc4OTBmMjc1N2UwO...
s-img.mgid.com/g/11739845/492x277/-/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739845/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvM2NmYjc4OTBmMjc1N2UwOWZhYTcwZGQzODQxZTliMTQucG5n.webp?v=1640280698-FQ1n4QQPbIpKfeqXYS4CTqdd3alLDD98AqwapIiNsc4
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab9e2e7c2f73090b47d4bfd4c17c79b9cfbf629e28d86a15bd79c414d7e2ec4

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid
19d1a543-47af-45fc-9b85-fa2e602a217a
age
183869
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531f582d3240-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19212
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2EyYWI2YmE4ZmJiNDI0Z...
s-img.mgid.com/g/11739873/492x277/-/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739873/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2EyYWI2YmE4ZmJiNDI0ZTVkOWFiYTRkYzIxZGVkMjAucG5n.webp?v=1640280698-93kVbtvpvg1K0DTzlHC5gTlPKqBmnDEBXbEHNIT-uBY
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26cf4453783f0965a47a2281abec28445f27f8ff34d33dd47528706dd4de10bb

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:46 GMT
x-mg-request-uuid
f36e01f9-7d8d-430d-9976-83fdb4497998
age
188029
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531f9b015b3e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20262
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTg0OGY4MmJmOGQzNjg3Z...
s-img.mgid.com/g/11739864/492x277/-/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739864/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTg0OGY4MmJmOGQzNjg3ZDAyMzk2OWE1NjdiZDZkNjUucG5n.webp?v=1640280698-JLy99DOmcpEj7KxhYY2o7TyyVEtBTr_hOL5kQRSTeA8
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893272f386161bc5de59f161622195fa4cc580b63e4f49d21d495394a3e09972

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:50:37 GMT
x-mg-request-uuid
b543fc38-e816-4b14-a557-a74dd0446445
age
186780
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531f9b035b3e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13774
server
cloudflare
i.js
cm.mgid.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1640280698812613780688
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
365584e665042f807592294c53bf6b3bb99bf8870802df21d7541d610d7a9121

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c23531fab903bda-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pvClk.min.js
analytics.webgains.io/ Frame D3D4 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766801&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kgf201fszrtcvk33rwc1n75ptperq2tbdqtn61xdf9zazx42dq364btfj3ttbjf10axcpwe6wffb7qarvngymmgh2haq4yvv7kmc3fkydwdapnb5vvk7mxe5kxap0r2yewjtrq6mxw8qv9hy56w9x6nvpe2dyy812svrrqy8z2gwe36xprpfg428wb2k8z1rwdnczjahy7p0t8wxx2q45edfj138jf98g3fcv8t6ntg57vfgrdmy7tfmek47442drzpy11dzpqy7mxsj415bhexe35w0yqas13djffdzcknavdvjav74p3n%26a%3D&clickref=oneidd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUjoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtVoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
24094
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 10:50:05 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
8o8Lzt4s98BvLu6rfEn_2YW6TB-WLNTBKfIE86CTq-E8q32wDlYW1w==
link.html
track.webgains.com/ Frame D3D4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidzg37aRfYfqqqWteCBHMtqtPV99FVSZtgkTWoneid__asuideteQTtt7m6d3Pm-s4yKBbR8dSbsK_Ifqasuid__misaglam_advancedad_300x250&wglinkid=3766801
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=250&e=NnyqjtcaxCup24mWDWIYXPVcHAwdo21f&g=f6402bd65f0a42384eb82dc9c838dc33%2F6266805099014271477&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698449&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g6ks82n1swh78enqkv07cke41zxm8jn4vkmd2grdxq5h55hqecb1k4dght4mwj7t0rey322tg1k41w04k79xxs2ysc5kdetvjh7b7ka1gen36nat4z4s6kr0q549d1bpt8v7vq5hs0qksfewek8akwp8n9mmf0km8bkt3x1zsntpb8qfbpyfpxfb8n7can7jr1t4gz8zgn50k8jz2a5b02tktsvrzg5d8zwjxqsjgdevbvwp5wwb62eb6k61djb2mxjkf0km5vnx1mw6vfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9gaeebLEYYmZEq2cnAfz14_4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQIaMJyGyf-yPqgDAaoEjgJP0MoLBJMrP61EiEVRAyg0CozeT77-AVjgaXZjVjUS1TPXNwaIXbWDweXMWHXdaYLR21Ny6U24OHSSNv6zi_1WfTNttrDAx19ipxOgWQhPyEh0mIUC24kHWTFLXlz75dWZR-NK6A4esTRvuMIgWdywV5OBsQkH83AZ2Sv046R1E983HUWBrq1zNsBUVqH52NH057JYf0cHvOFN7RlkAgQ8wDIhIExMmzVJPx2fygUGJC0BVRkuVjk6WsNf2t6K4Iyi4aEo4eoHnnMOnKj7jYe9Nr0qSagYT_MNdFyvbYhSMNyKqrmTjKxsaMlKmiH6A4g_YlssemlyvHb6vIGOty00h3FKwY2IMUqepKHM64CABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0zsThJvYbkY1OY-pjUvGWIx_AuMw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
cdc6a672e24d84d0277383399879fb8a1d6e02cf7f1fab4fe2a31aa173ad9faf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2759
Expires
Mon, 26 Jul 1997 05:00:00 GMT
i-noref.js
cm.mgid.com/ Frame 396F 		19 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1640280698836485389653
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c23531fcbf33bda-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sync.html
s.adtelligent.com/ Frame 1863 		1 KB
880 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1640280698812613780688
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
VertaMedia 1.0
Date
Thu, 23 Dec 2021 17:31:38 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://newsyou.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 4F3A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1640280698812613780688
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Dec 2021 17:31:38 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Date
Thu, 23 Dec 2021 17:31:38 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BU...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=dbfdb6e8-6d9c-5365-8252-d588e39667f1&ssp=mgid&expires=30&user_group=1
  • https://cm.mgid.com/m?cdsp=433145&c=840c7006-8478-4dd5-8212-0979990999d9&gdpr=&gdpr_consent=&us_privacy=
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=840c7006-8478-4dd5-8212-0979990999d9&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353216fc43bda-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=840c7006-8478-4dd5-8212-0979990999d9&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 23 Dec 2021 17:31:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=01c39c06-dbbe-4e14-94a1-e215254dd232
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=01c39c06-dbbe-4e14-94a1-e215254dd232
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353213f4a3bda-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=01c39c06-dbbe-4e14-94a1-e215254dd232
date
Thu, 23 Dec 2021 17:31:39 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
cm.idealmedia.io/setmuidn/ 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=lbnBLduddPv9
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c235320fda9047e-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=fed93ff5-e0f1-459a-83b9-9691a13aecf1&ttl=1642872699
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=fed93ff5-e0f1-459a-83b9-9691a13aecf1&ttl=1642872699
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353214f863bda-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=fed93ff5-e0f1-459a-83b9-9691a13aecf1&ttl=1642872699
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=86e2aab0-27e2-4234-bf23-01ec784b02af
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=86e2aab0-27e2-4234-bf23-01ec784b02af
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c235325ecd33bda-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=86e2aab0-27e2-4234-bf23-01ec784b02af
date
Thu, 23 Dec 2021 17:31:39 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbnBLduddPv9
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=3009984102882433811&gdpr=0&gdpr_consent=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:39 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
mw
mwzeom.zeotap.com/ 		95 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=lbnBLduddPv9&zpartnerid=1532&zdid=1532
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
cf-ray
6c235320baa683a0-MXP
access-control-allow-headers
*
content-length
95
840c7006-8478-4dd5-8212-0979990999d9
sync.1rx.io/usersync/bidswitch/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lbnBLduddPv9
  • https://sync.1rx.io/usersync/bidswitch/840c7006-8478-4dd5-8212-0979990999d9?gdpr=&gdpr_consent=
0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/bidswitch/840c7006-8478-4dd5-8212-0979990999d9?gdpr=&gdpr_consent=
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Server
213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
expires
0

Redirect headers

Location
//sync.1rx.io/usersync/bidswitch/840c7006-8478-4dd5-8212-0979990999d9?gdpr=&gdpr_consent=
Date
Thu, 23 Dec 2021 17:31:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
cm.lentainform.com/setmuidn/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=lbnBLduddPv9
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c23532118c02bb9-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=2TxjfHCmI8jiCFVo23f9&pi=mgid&tc=1
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=2TxjfHCmI8jiCFVo23f9&pi=mgid&tc=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c235321a88a3bda-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=2TxjfHCmI8jiCFVo23f9&pi=mgid&tc=1
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT, Thu, 23 Dec 2021 17:31:39 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJuQkxkdWRkUHY5&muidn=lbnBLduddPv9
  • https://cm.mgid.com/google?muidn=lbnBLduddPv9&google_ula={guid},5&google_gid=CAESEIx_4UhiCcix_9NbsKvpEQU&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=lbnBLduddPv9&google_ula={guid},5&google_gid=CAESEIx_4UhiCcix_9NbsKvpEQU&google_cver=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c2353208db63bda-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=lbnBLduddPv9&google_ula={guid},5&google_gid=CAESEIx_4UhiCcix_9NbsKvpEQU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4F3A 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a84e073be90f3b8a06645947c17b4059cc3e2930c96661210e19504efb706331

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37756
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Fri, 24 Dec 2021 04:00:55 GMT
csync
sync.adtelligent.com/ Frame 1863 		0
0
khaos.jpg
token.rubiconproject.com/ Frame 4F3A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
sync.php
pixel-us-west.rubiconproject.com/exchange/ Frame 4F3A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/gif
tracking-event
api.webgains.io/ Frame 053C 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 5EF8 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame D3D4 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
img
pix.eu.criteo.net/img/ Frame 1BEA 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&v=3&w=800&s=LzlBB40wIezU9oSbleSOY3Pn&b=800
Requested by
Host: newsyou.info
URL: https://newsyou.info/POLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0769a620ccba5a6119e7c4ac2c741513c0e5c20d1c13001caca6d838be89c8d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:08 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80851
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535999
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
141508
expires
Thu, 22 Dec 2022 19:04:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

339 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 function| _m2722869951 function| $ function| jQuery string| ajaxUrlFlatPM boolean| duplicateFlatPM boolean| senseFlatPM object| adsbygoogle object| gnezdoAsyncCallbacks object| head object| script object| mtzBlocks object| node5876 object| node7880 object| jQuery111108534335714492627 object| node6822 string| iS object| iD object| iP string| iR string| iT string| iH number| iI string| GoogleAnalyticsObject function| ga function| ym function| flatPM_arcticmodalLoad boolean| debugMode boolean| duplicateMode boolean| senseMode boolean| countMode function| flatPM_sticky function| flatPM_addDays function| flatPM_adbDetect function| flatPM_setCookie function| flatPM_getCookie function| flatPM_testCookie function| flatPM_grep function| flatPM_random undefined| flat_body object| flat_count boolean| flat_counter number| flat_iframe string| flat_sep object| flat_pm_then object| flat_date string| flat_titles number| flat_dateYear number| flat_dateMonth number| flat_dateDay number| flat_dateHours number| flat_dateMinutes boolean| flat_adbDetect object| flat_userVars function| flatPM_ajax function| flatPM_then function| flatPM_persentWrapper function| flatPM_setWrap function| flatPM_next function| flatPM_start function| flatPM_setHTML object| flat_pm_arr function| jQueryLoaded function| jQueryLoading function| randomInteger string| RESOURCE_O1B2L3 object| _0x54e7 function| _0x3ea5 boolean| scriptaddedobl82749 number| __o1b2l3_updateStatsEvents number| utarget_rand number| utarget_cookie object| utarget_script object| l_m3909031189 object| name155now function| smiHTML13245 function| smiCSS13245 object| smiq function| smiHTML13267 function| smiCSS13267 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| FB function| smiHTML13248 function| smiCSS13248 string| google_user_agent_client_hint string| scr object| div object| x number| len undefined| newScript object| APC object| adexOpt number| loadingMedia object| adPartnerMediaAd object| place object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID object| result string| key string| apuid object| sessionData object| loadedBanners undefined| getApuID object| shownAds7460 object| initRtb1640280695365642665 function| addJqueryAoNiQ function| take_ban_teaserAoNiQ function| getUrlVarsAoNiQ object| shownAds2489 object| initRtb1640280695364180726 function| addJqueryfnjyF function| take_ban_teaserfnjyF function| getUrlVarsfnjyF number| intervalIDAoNiQ function| take_ban_teaserHzdGD function| getUrlVarsHzdGD number| intervalIDfnjyF function| loadjscssfile function| createWidgetHelpButton object| TelegramButtonOptions object| Widget object| shownAds7858 object| initRtb1640280695412584313 boolean| laScriptLoaded object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Sk function| _typeof function| _createClass function| _classCallCheck object| web_script number| is_clck function| web_callback string| website function| are_cookies_enabled function| inIframe function| compareElementsWithParentsToSelectors function| compareElementsWithChildrenToSelectors function| compareElementsToSelectors function| Browser object| browser function| run object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| dmpProfitclicks boolean| mtzCheck number| intervalIDHzdGD object| gnezdo object| Ya object| yaCounter44453875 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| _mgIntExchangeNews object| MarketGidInfC1146775 function| MarketGidCContextBlock1146775 function| MarketGidCMainBlock1146775 function| MarketGidCInternalExchangeBlock1146775 function| MarketGidCRejectBlock1146775 function| MarketGidCCriteoBlock1146775 function| MarketGidCInternalExchangeLoggerBlock1146775 function| MarketGidCObserverBlock1146775 function| MarketGidCSendDimensionsBlock1146775 function| MarketGidCRtbBlock1146775 function| MarketGidCContentPreviewBlock1146775 function| MarketGidCResponsiveBlock1146775 boolean| mg_loaded_413933_1146775 object| MarketGidInfC1024868 function| MarketGidCContextBlock1024868 function| MarketGidCMainBlock1024868 function| MarketGidCInternalExchangeBlock1024868 function| MarketGidCRejectBlock1024868 function| MarketGidCCriteoBlock1024868 function| MarketGidCInternalExchangeLoggerBlock1024868 function| MarketGidCObserverBlock1024868 function| MarketGidCSendDimensionsBlock1024868 function| MarketGidCRtbBlock1024868 function| MarketGidCContentPreviewBlock1024868 function| MarketGidCResponsiveBlock1024868 boolean| mg_loaded_413933_1024868 object| informer string| ban_teaser function| adpartnerMedia object| MarketGidInfC1122348 function| MarketGidCContextBlock1122348 function| MarketGidCMainBlock1122348 function| MarketGidCInternalExchangeBlock1122348 function| MarketGidCRejectBlock1122348 function| MarketGidCCriteoBlock1122348 function| MarketGidCInternalExchangeLoggerBlock1122348 function| MarketGidCObserverBlock1122348 function| MarketGidCSendDimensionsBlock1122348 function| MarketGidCRtbBlock1122348 function| MarketGidCContentPreviewBlock1122348 function| MarketGidCResponsiveBlock1122348 boolean| mg_loaded_413933_1122348 function| WidgetTelegramButton string| cookie_expires object| options object| system object| _parent object| banner_clases boolean| edge boolean| linux boolean| new_opera boolean| ua_ios_opera boolean| ua_ios_opera_mini object| main object| block string| text string| prev_link string| teaser object| onMainScriptLoad5555 object| banner7460_1640280695365642665 object| banner1640280695365642665 object| banner2489_1640280695364180726 object| banner1640280695364180726 object| banner7882_1640280695412584313 object| banner1640280695412584313 object| banner5555 function| removeGooglePlaced object| googletag number| cur_time boolean| wait_start number| _997726831838 object| _997726831831 object| cd string| dt object| onClickExcludes function| mgReject1146775 function| mgLoadAds1146775_0bf6b function| MarketGidCReject1146775 function| MarketGidLoadGoods1146775_0bf6b function| mgReject1024868 function| mgLoadAds1024868_15791 function| MarketGidCReject1024868 function| MarketGidLoadGoods1024868_15791 object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint413933 string| _mgPvid function| mgReject1122348 function| mgLoadAds1122348_03a11 function| MarketGidCReject1122348 function| MarketGidLoadGoods1122348_03a11 boolean| _mgPageView413933 function| LoadCriteoAllPlaces1146775_0bf6b function| LoadCriteoAllPlaces1024868_15791 boolean| i.js.loaded boolean| i-noref.js.loaded number| _997726831832 string| user_agent boolean| mac boolean| windows boolean| ua_chrome boolean| ua_ya boolean| firefox boolean| ua_opera boolean| ie_11_edge boolean| opera_dev undefined| ie_8 boolean| ie_9 boolean| ios number| cou object| b0 object| b1 object| b2 boolean| class_selector boolean| match object| items number| count number| item_w number| item_h boolean| flag object| pos object| h_body object| h_doc object| new_post function| LoadCriteoAllPlaces1122348_03a11

119 Cookies

Domain/Path Name / Value
newsyou.info/ Name: b
Value: b
.mgid.com/ Name: __cf_bm
Value: _Z0r87UNM18d0v5ceysEfDwkwWxL__KQKwCg0l66FZs-1640280695-0-AX99GX4gxP+Aoj8wQUeHu976i9Ix242+oAxFjY08ME58Bw3gO+hWgRXtZEzmNa2zHoeSEzyGIlGCnLVCrQ5Zc80=
newsyou.info/ Name: vcO1B2L3-1
Value: %7B%220%22%3A1%2C%22*%22%3A1%7D
ppvesdfiojol.com/ Name: current_server_session_id
Value: eddda987fafdf96f7937d50052b774a1204e96c6vvv571180185
ppvesdfiojol.com/ Name: visit
Value: 1
.utarget.ru/ Name: uuid
Value: "S6yqDuMBTabQzuye3d+Dyla6ae7oweqbNJOl0dm9Nvg="
.calculator.codes/ Name: uuid
Value: 37ffb43e-e9db-4076-862e-115f925fae34
.yadro.ru/ Name: FTID
Value: 1XnBA30LcMOE1XnBA3001PhZ
newsyou.info/ Name: lapuid
Value: 46e05ec2-befa-4543-ad8b-4abe4bdbded7
newsyou.info/ Name: session_id
Value: 762c8757-596f-4ba1-a66b-4a782956af47
newsyou.info/ Name: session_pageview
Value: 1640280696.1
newsyou.info/ Name: site_visited
Value: 1640367096.1
a4p.adpartner.pro/ Name: newsyou.info_ref
Value:
.newsyou.info/ Name: surfer_uuid
Value: 4915c0f6-c42b-467a-a7cd-d03bf2f230ec
.newsyou.info/ Name: la_page_depth
Value: %7B%22last%22%3A%22https%3A%2F%2Fnewsyou.info%2FPOLSHA-SOKRATIT-SROK-DEJSTVIYA-COVID-SERTIFIKATOV-I-POSLE-BUSTERNOJ-PRIVIVKI%22%2C%22depth%22%3A1%7D
.newsyou.info/ Name: page_load_uuid
Value: d0290f47-6b1d-4e91-91d7-8261634750b2
.yadro.ru/ Name: VID
Value: 3B7InX3PriuE1XnBA30017fH
.newsyou.info/ Name: _ga
Value: GA1.2.1593547459.1640280696
.newsyou.info/ Name: _gid
Value: GA1.2.1288027217.1640280696
.newsyou.info/ Name: _gat
Value: 1
.newsyou.info/ Name: _ym_uid
Value: 1640280696124460632
.newsyou.info/ Name: _ym_d
Value: 1640280696
prodmp.ru/ Name: rai
Value: c2e6db7a6ed448467fc973811f550db2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 447682778fake
newsyou.info/ Name: cbtYmTName
Value: TzRtJittdW19fSl6dnx9LX0sd3speX17bTKJ
loadercdn.net/ Name: vui
Value: 635b6a8996cc4f2dbfaf90515e66d572
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2704879908fake
m.mixadvert.com/ Name: a5c79a16a258cb2a9709a1ac872efa52
Value: 438578%2C438579%2C438575
m.mixadvert.com/ Name: f3a826c60b78eb15a6c7bbaea354d6d9
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmHFLgTzbwwHd_GfEmAvgfhnwkc0d1y4k-359mngMyCYMruwmw6ikGLw0CXaR0
a4p.adpartner.pro/ Name: apuid
Value: 46e05ec2-befa-4543-ad8b-4abe4bdbded7
a4p.adpartner.pro/ Name: apudmg
Value: 1
.newsyou.info/ Name: _ym_isad
Value: 2
.newsyou.info/ Name: u_count
Value: %5B0%2C0%5D
.gnezdo.ru/ Name: weborama_cm
Value: 1
.gnezdo.ru/ Name: uid
Value: uZQlT2HEsngCY0OO+TO0Ag==
.newsyou.info/ Name: __gads
Value: ID=058b34fc61944f3f-2227c60e0dcd00b3:T=1640280696:RT=1640280696:S=ALNI_MaGuMu2fLkKgote-wt1VChTeJUMbg
.yandex.com/ Name: yandexuid
Value: 3033834881640280697
.yandex.com/ Name: yuidss
Value: 3033834881640280697
mc.yandex.com/ Name: yabs-sid
Value: 483275091640280697
.yandex.com/ Name: i
Value: NLz9/Du80fGkAHyyr8zzQXWFn6mAglo1NXr/MD/u+gJMZB4RHCCmtOdSa4dSE3H2x/zxFDw+uwFPFbVNSMUwBhw74F0=
.yandex.com/ Name: ymex
Value: 1671816697.yrts.1640280697#1671816697.yrtsi.1640280697
m.mixadvert.com/ Name: 086ae4465f66aadda78e0cd6cba6c2cd
Value: 438578%2C438579%2C438575
m.mixadvert.com/ Name: 8c7239b3698670cc11540a0d8f9b4062
Value: 1
.newsyou.info/ Name: chash
Value: MTtYyOvu6h
.uuidksinc.net/ Name: jcsuuid
Value: preuJIPZheUKedacC0sm
.eskimi.com/ Name: __eConsent
Value: 1
.mgid.com/ Name: muidn
Value: lbnBLduddPv9
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWHEsnkr6AgMY0gTAmGxbvcbE208QO0zSFLw4tB11yL1
.adhigh.net/ Name: gi_u
Value: 7RjoJ9WbEnF.AikABlF96Fkp9g
.acint.net/ Name: cSyncDp14v3
Value: 1640280697
a4p.adpartner.pro/ Name: buyeruid_55
Value: 0100007F79B2C4610C08E82B02134863
a4p.adpartner.pro/ Name: buyeruid_53
Value: 0100007F79B2C4610C08E82B02134863
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWHEsnlDHgAXGn3uAtFCuIfO5I3+ttKOTMNSKoAITln/
.quantserve.com/ Name: d
Value: ED4BCQGDJYEA
.quantserve.com/ Name: mc
Value: 61c4b279-7043e-880f5-62696
.agkn.com/ Name: ab
Value: 0001%3Ar1LX7EuG%2FXwwkkY%2BGcG9mfEHWSJw50fg
.agkn.com/ Name: u
Value: C|0CEApV275KVdu-QAAAAAAAQ13AQCAAQpAAAAAAA
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMID
Value: YcSyef7s39emLKnFqZHI4QAA
.casalemedia.com/ Name: CMPS
Value: 5203
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C31BB28F-7366-455A-82F6-52C36A9544D6
.casalemedia.com/ Name: CMPRO
Value: 1207
.casalemedia.com/ Name: CMST
Value: YcSyeWHEsnkA
a4p.adpartner.pro/ Name: buyeruid_63
Value: 9a7fa744-fabf-4a07-7261-d93e0a8eb24d
a4p.adpartner.pro/ Name: buyeruid_64
Value: 9e93063a-b438-4098-79cc-61f4be5e6545
m.mixadvert.com/ Name: 1187d722fdb08c497919524d861f2215
Value: 438575%2C438579%2C438578
m.mixadvert.com/ Name: b35a58b0d6e970945283857b262c4a32
Value: 1
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: dbfdb6e8-6d9c-5365-8252-d588e39667f1
.innovid.com/ Name: uuid
Value: 7868c011-e3a8-458c-97ec-a6ef4d64b306-20211223 12:31:37
dmpprof.com/ Name: uid
Value: cb47997f-3352-415f-ba5e-7172d357ec64
.aidata.io/ Name: __upin
Value: 9mNhAl9Kirnhr3CRKgJ3dA
.aidata.io/ Name: __upints
Value: 1640280697
a4p.adpartner.pro/ Name: buyeruid_57
Value: dbfdb6e8-6d9c-5365-8252-d588e39667f1
a4p.adpartner.pro/ Name: buyeruid_47
Value: dbfdb6e8-6d9c-5365-8252-d588e39667f1
.admixer.net/ Name: am-uid
Value: ccb0d0e5568e45c490260f083227a230
dmpprof.com/ Name: enrich_data_v2_5
Value: 1640280698
m.mixadvert.com/ Name: 3aa58fa137326730c9794aef98b2f5f6
Value: 1
m.mixadvert.com/ Name: 04f6c5f945332ec7286bd2b25d3f10cc
Value: 438578%2C438579%2C438575
dprof.site/ Name: uid
Value: cb47997f-3352-415f-ba5e-7172d357ec64
.lead-alliance.net/ Name: ppv1225
Value: 2021122318313860669266443X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidQzzC9BaTSWJK-5scKJ6KMBGXO52zgSa0asuid__suite_Netmix_Reach43_TopRotaMonth
www.lead-alliance.net/ Name: PHPSESSID
Value: s596fm3ts2hep208sauh9s3gv8
.lead-alliance.net/ Name: ppv1226
Value: 2021122318313860669266461X117679V1226132702MSoneid23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY0MDI4MDY5OHZsZWExZGUyMDIxMTIyMzE4MzEzODYwNjY5MjY2NDE1WDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZFI1WGZnZjZRRlgyN1RrSHdIM3RRdGRkQUZ3VHpUN2dzN29uZWlkX19hc3VpZE5ueXFqdGNheEN1cDI0bVdEV0lZWFBWY0hBd2RvMjFmYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExMzc1Mg
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY4MDAwMDAwMDA2MTY0MDI4MDY5OHZsZWExZGUyMDIxMTIyMzE4MzEzODYwNjY5MjY2NDYxWDExNzY3OVYxMjI2MTMyNzAyTVNvbmVpZDIzWWg2ZkFxZng3UHJmVkhXSGt0OHR4eERhV1Q3VEtCVGdvbmVpZF9fYXN1aWRObnlxanRjYXhDdXAyNG1XRFdJWVhQVmNIQXdkbzIxZmFzdWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g0M19Ub3BSb3RhTW9udGgxMTc2Nzk
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266415X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266461X117679V1226132702MSoneid23Yh6fAqfx7PrfVHWHkt8txxDaWT7TKBTgoneid__asuidNnyqjtcaxCup24mWDWIYXPVcHAwdo21fasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
.awin1.com/ Name: awpv10679
Value: 412871|1640280698|2f421200-6416-11ec-92b1-22382f8dc9cc
servicer.mgid.com/ Name: __mglb
Value: ed02bb11b748a9279413c1eb8e47c448
newsyou.info/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22Y4Q2FRT4N%22%7D%2C%22C1146775%22%3A%7B%22page%22%3A1%2C%22time%22%3A1640280698754%7D%2C%22C1024868%22%3A%7B%22page%22%3A1%2C%22time%22%3A1640280698757%7D%2C%22C1122348%22%3A%7B%22page%22%3A1%2C%22time%22%3A1640280698800%7D%7D
.adriver.ru/ Name: cid
Value: Ai3ULYJnbXNU_Tf-1f5J_AQ
.bidswitch.net/ Name: tuuid
Value: 840c7006-8478-4dd5-8212-0979990999d9
.bidswitch.net/ Name: c
Value: 1640280698
.bidswitch.net/ Name: tuuid_lu
Value: 1640280698
.e-volution.ai/ Name: v_usr
Value: dcb3d09b-e42b-4f2d-a817-7f305fa209f4
.zeotap.com/ Name: zc
Value: 3ab9a23d-a586-4c4a-7702-a87f6048f4dd
.360yield.com/ Name: tuuid
Value: 01c39c06-dbbe-4e14-94a1-e215254dd232
.360yield.com/ Name: tuuid_lu
Value: 1640280699
.adsrvr.org/ Name: TDID
Value: fed93ff5-e0f1-459a-83b9-9691a13aecf1
.smartadserver.com/ Name: pid
Value: 3009984102882433811
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjoyMHsmZGjOhAFOAE.
.betweendigital.com/ Name: ut
Value: YcSyewAAeRjg87gZ6jQEprO5lcEb-qR6mdE_9w==
.idealmedia.io/ Name: muidn
Value: lbnBLduddPv9
.creativecdn.com/ Name: u
Value: 2TxjfHCmI8jiCFVo23f9
.creativecdn.com/ Name: ts
Value: 1640280699
.lentainform.com/ Name: muidn
Value: lbnBLduddPv9
.mfadsrvr.com/ Name: tuuid
Value: 86e2aab0-27e2-4234-bf23-01ec784b02af
.mfadsrvr.com/ Name: c
Value: 1640280699
.mfadsrvr.com/ Name: tuuid_lu
Value: 1640280699
.awin1.com/ Name: awpv11938
Value: 412871|1640280699|2fe5a500-6416-11ec-9cab-2239e6ba3d41
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1640280699_2fe5a500-6416-11ec-9cab-2239e6ba3d41%22%2C%22sp%22%3A%22awin%22%7D
.mfadsrvr.com/ Name: ssh
Value: !mgid,1640280699
cm.mgid.com/ Name: mg_sync
Value: {"287839":1640280699,"501037":1640280699}

2 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9496.coEI-2ugugLs84RcFn1BhR3PEAf42Itc9lCAaekhhF0pSz83LZAAbh0aqktLQHOgv8SC_Afs3qhG9DYIF2PSvQ%2C%2C.AzC1K3q1FMiTPmWzuKKcpXhiHgk%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyef7s39emLKnFqZHI4QAABLcAAAIB&google_gid=CAESEHJy_L8mbUUTZYqYHs7hVrQ&google_push=AYg5qPJS7J6n66xPUthXhB8WiY5YEIr_s1iZNf5zmeHzSUUZpVFM0pHtsjGc7-ONVM8D0htGmGsTGN7bRZ8nBkGz1BMMzKMllgBp&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
acint.net
ad.360yield.com
ad.adriver.ru
ad.doubleclick.net
ad4m.at
ads.betweendigital.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.mgid.com
calculator.codes
cat.nl.eu.criteo.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.quantserve.com
connect.facebook.net
counter.yadro.ru
creativecdn.com
csm.eu.criteo.net
d.agkn.com
data.24smi.net
dm.hybrid.ai
dmpprof.com
dprof.site
dsp-trk.eskimi.com
eus.rubiconproject.com
exchange.buzzoola.com
fcgi4.gnezdo.ru
fcgi5.gnezdo.ru
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
guepslka.com
i.i.ua
i.mixadvert.com
image6.pubmatic.com
img.servestatic.net
inv-nets.admixer.net
jsc.mgid.com
jsn.24smi.net
loadercdn.net
m.mixadvert.com
m.trafmag.com
match.adsrvr.org
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mixadvert.com
mwzeom.zeotap.com
news.2xclick.ru
news.gnezdo.ru
newsyou.info
ocmurc.com
openfpcdn.io
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pix.eu.criteo.net
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
portal.blau.de
portal.o2online.de
ppvesdfiojol.com
prod-rtb.ad4mat.net
prodmp.ru
px.adhigh.net
pxksnymto.ru
r.i.ua
recreativ.ru
rtb-usw.mfadsrvr.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s-img.mgid.com
s.adtelligent.com
s.uuidksinc.net
s.zmctrack.net
secure-assets.rubiconproject.com
servicer.mgid.com
ssbsync.smartadserver.com
ssp-rtb.sape.ru
static-de.ad4mat.net
static.criteo.net
sync.1rx.io
sync.adtelligent.com
sync.e-volution.ai
t.trafmag.com
telegram.im
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
utarget.ru
vcmjf535tx.ru
www.acint.net
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
x01.aidata.io
zn3.2xclick.ru
cm.g.doubleclick.net
sync.adtelligent.com
104.109.78.125
104.111.239.217
104.16.199.73
104.19.133.78
104.19.216.61
109.206.161.21
136.243.84.75
143.204.98.61
143.204.98.82
145.239.108.234
146.0.227.110
146.59.44.106
147.135.189.55
148.251.139.77
15.197.193.217
157.90.179.216
159.69.142.212
165.22.198.175
172.217.18.98
178.250.0.139
178.250.2.148
178.250.2.150
185.148.37.26
185.148.37.79
185.184.8.65
185.187.81.40
185.187.81.41
185.248.101.21
185.86.138.119
193.106.95.134
193.200.65.18
193.200.65.5
193.200.65.6
193.232.150.70
195.201.243.72
195.209.108.38
198.47.127.19
2.19.35.65
213.19.147.45
216.58.208.230
217.65.2.150
217.67.179.205
2600:1901:0:76b9::
2600:1f18:445b:903:c624:a695:f9d2:6242
2606:4700:10::6816:1857
2606:4700:10::6816:294a
2606:4700:20::681a:34
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700::6810:135e
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a02:2638:1::11
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::2
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.120.81.147
3.248.87.88
31.220.27.134
34.120.139.69
35.186.253.211
35.212.212.222
37.18.16.21
37.48.86.87
46.236.13.147
46.4.121.26
52.29.77.212
62.76.25.27
69.173.144.139
77.123.132.42
78.46.85.162
79.171.117.17
8.39.36.142
80.211.42.243
82.113.101.132
82.113.101.236
84.200.5.215
85.192.12.170
85.192.12.174
88.212.201.198
88.99.63.132
89.108.119.28
91.198.36.16
91.198.36.78
93.95.100.117
93.95.102.105
94.23.153.171
96.46.183.20
99.80.191.196
00c2021bdac59d8348ce96f8eda3d24c9d1d99d6c60f63e020c6567e39078d11
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
01fc60c1d200f53aee72e8063192aaa53443dcdd7fc6d77038dbbcad76b5989e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03f2a36140bb0fcd71f5997bef76bcfc187184b0efbd7cfc40dc1143563fb865
04026b43c27c2978b610d664e3de5af55117c1db2398e526431d6ac5ae55e381
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
045bed8363fa859ed0fbb8901ed02be678749e5ceac894671f5ef14da603e462
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
058bd9f2bcfaff98963aa6cea5fb5330d87c59fd30600528df5676750b6350da
0667c9b68ef073ed98e3e67e7826cb617f7f04d6d253193afda8a8729e63ea3f
06f30235522cd456e8b6d72ee66ae4897d07afdf3df24cf30121714a793e2157
06f3ceecbfe963e990253809b5612dd5b42567162590b69e11762144464e9dc5
0769a620ccba5a6119e7c4ac2c741513c0e5c20d1c13001caca6d838be89c8d1
07b6f40871d52312e963b2290014f9085bbe3742c83959843dfa0b7c074cd004
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09f8513494daccefd2ca18916323b55c8dab5d5f2120cd8f7537f4d32d2366f0
0a4ee12a6285a20bd09b9b9f2c7970f73b5252f6fccf555abdd44528daa9d211
0ad9efa7148c3b033e0430aa47c0d7279c5fb9ae699f34cc794b361bc96171cd
0b033515b1023d80f80ee227136cf5509f6e5b66bb39450ddafa1d1bb5b2acab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2ea552834d59f3629069e4233f30d3ec0a1fd9fa193a9872f79beec51867d7
0d8d71bdcae968558d46992970999923a5644067497dc156f3f888f517a58b9e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f1806720713d550367d6ae95a01139cb0db2ce81f895ecb50f4930312a265db
0f9e8ffa88978c4377a04f322ae1f5ad545c4af9de4477e0bcf5a5d1a6485d38
11f42e9915b154d5c6b413830e43e331562a3d6fd1dcbba395b21bf64c28d398
12d71e219476445955bd90d2e18f31c834c39c11f1214a23abb6983511d861ac
138bec58cfd65720c14272d5aed343b949207725edd5f676bdcd9bb092c963f0
15963286a88918c535d0a7a2c9bf04b9113cac7ad895ab8070c63b5763861a09
15f3c556ad662edbd583450f4ee20aac3183c2a09ba9a04aba83287ec2c3d81d
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
18c65977e5b2bcb651d79ad554ad42a8fa27f6a598a9a26718075d188e2d7d08
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
1940b7ca414417d344c0a3f22e2cb27873b399224c321d4bb3c38862e543a1db
199219a286886204cb63366914c6e1e1a29cae3626805565499868d088ace98c
19fabcb0c85f2f3f1377cda2ddbaf8ec0144d5cfa1c9406d5956a5ec71c361a0
1afeb90b7b49b18897794e5743885be1548cde4ee2866664c4c1af2bcf88a424
1b86d8c739c9f3e1ecfde56ea85f699ebeb53a6d576523828150c147bb11f54e
1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c
1ca2bf85e5997764a57be7e7fa9dd11db977e635d11b85074959d0ce7e810312
1e474b50037b3121ba37bb6fa3c6ca283b32741a17c601818cf25b02f0334e8f
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
1e98a3ede349fecfd14a4b6cefad84f9b31076e53f30fb2bbb63adcd54f0f64f
1ec53179a71bb19d3bdec146371021485e5a26ea598ad52816bbc4a9bb5afb27
1ed1d1cb8623bf3167e5cbb2b7c30b8d26f243976ee9f6788d34a4e4b2de3d83
2394ed8ec6aa08e4aaf25a09179a7afac88f0669a0b66c8d6e8be3485cc74dde
23c457922f48e6e7385c0f6752ef457269b4e82fe464e643c68c295679ed858a
242e12dd8722129c0bf03c800bef65a20622fcaf13b1edda1c2102315fdbdaa6
25518d2c841e59dec58e64b57333fbd2640ace7042fe584dc19649690e14272f
2616555d253041cf2c947d4a5156563084796b2c9cb07966d88939d60b2d4432
26cf4453783f0965a47a2281abec28445f27f8ff34d33dd47528706dd4de10bb
26f366a22bb588b6e658c80479db3c55e7a51bf66f578ade7af7f0b1425c0c1d
2792408224dde6373f1778228a05505a2a36913137c920af418594c08133fd0a
28c3b24f87d5f92b9674f8f01f11fb31a3e68538ea483ac9812986bb8b8d9294
28d4bd1f035e957aaa00531c44df5cf7b802ae9235261ed370510fdd1743a52b
29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77
2b22663191117dd852ca5c946b8351fdd2bbdcd6d6d7a70d89d698e5dae14638
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fe96ef95f0ef87759dd5ee2cee663219fa46363e2fbe34aacf66cb0ff6e575a
3117ef8de99c385baec23e1ff509a1cbdb1efec22548af8218108e58a9669216
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
321456ef8ddd049980ddcee8a96bc9892d8d17e8e0eee70221b1f756f09f000b
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357
3504a8a26e685ad04cd1fe2574629e035f290b23777f893eae5967a4367361ab
365584e665042f807592294c53bf6b3bb99bf8870802df21d7541d610d7a9121
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3a2eec023adc8c05274eed54b4443f2a95502bba843fe0685313d992785f7c6e
3b2f3e81a7c76f1a46ec3aa9d933f2255b8f50e5a708078ab2e51e0f532adca0
3d501db58ccdb0013cb678f72bdcbb4547240c9e27836157e6835f6a0845798e
3d86ea1a91933592bc9f2aa122fdf67bff0e2ce2c79f548739c4d2e96ac5553e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb4db2e6c27e9a8a54e3a1d233f47265a21634f8021c4f750578e5af7f2c590
3f5ea6a90ab65ffc3ca523059ccc18e2d191462ef7e5aaaf5e77341c7933242b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40af400e8c91f02188ba45f50e2fcfe9e0551221d23bf002f8ad1ee7c8cae18f
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d
417fd63c23a7c6e249b54002e965c6d3eda19e06b84a4ae80e226021ed2ac9a6
424aa5d6844796ddc6b5deb89c4da73c6463a298f804a92aae88d7bac40e5e68
42f1001a0d21e42b0a40b9ff231b0ba95c48b4fd2fa21d3e4f1aba15e202b018
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453531d14260e17c2e2a85f1f23ac4df44ba6c02182f9d77bda7f9b41a1cc89f
454499e04d563b58f107957010e4f20cefd912857f82663a48c0b618f12851e4
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
4753f90bdfdad30a348172526d878688da5f17f2798d68349c1e361114ce8378
47c216158f344cc7dfe1f99f290522e2c32b2e6d9c57c5bbc6db290244e0673a
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
487312589f6fa950afa50d4adc93f87826f191b7f72ef80c0c456ef94c344998
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4af9d6205e6e709dfff2aed32006a5ad62a2c730b7e43d8a0968a718b69c75c9
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f7d671fb4f3b7e59e88ea0b897a8ffdf268b7ef5fd757b815f5322eca9a9457
5074feb779719afee7ec1f9e99856af18d46c89e90857beca2c9525186a84d78
5107a173d40b8b14d159f4fa3fe5b3f63639f50d233b13bbd07f26cc3583fccc
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55306872269e2f1b8b7df1b131017007577c4b4ae361f9c1e3cc0118e0e29b1e
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
578b130d8727e233ece4772e7fd7680c22d200c00c76135d141a9ce2327f9126
57ae999bb7da44a39a0f4c1c0395b62ffa08b7b37ce91119e5d2433a1007efec
584cef30c8b0276d0fa2b0a7999ca5eb2de381f83546601106665e47d538f23c
58925535004c94a4a2223eb1b67e2163dc73b3923bd7aea43314dacf2b131f53
58ed36c9543d7d9c14d3e9010bda29fb36f1070d118536a7577d97ecce05070b
5aab942fa2cb8277ee4f869d38dea681d39442f06aa244354f9348dd8251a68d
5b185dd40d4ba895e3f8afae356188fdc6d199d58c0b8488c78017e1ab678807
5cd40fe604b58b6d0f2fd44e5fcc9423a943051aedfc3d44aeac6612dd7e2050
5d1b880ef89f71d5c065d0f47aef201e33c264240d37188da26318fbbbb5ffb3
5e42b623b75e0d7c984a464fa69cba9fa06050d9ab5b81c36848d2370b39f0d2
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5fb964f17743b344ca4dcb177421a133a72550399824203da32a452830d7cf9f
5fe718a3f71d796a8c839f91b9a26cf201757f1d2a6e77cf24d553f60302ed24
62c9183ace7ffb179b0dcfe1b88a807e6bc9a649eb6dd0936b7ba94528524929
62e687d450746204a09733b76edaa84a048b6a7099cc1cf1bac047c8e682972d
640326025d71b72e26143c8c6a675e93fe1f91e30546465dd0a66ec79a9423fb
6804acce8caf4034e76ca17282755c64641e3d54ae4c7f6218d059d076cb9e22
69a4c543157779595999265131ee57c007836c8f51a9e961a44c381707669268
69e7791a1772852a0d705ef8dd343046b2fcc2c67254dc74b99b417f43f8a527
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b8f5240340cb089cf984caacde8c6a3ec1f5a21f40c2f380ed34ab0631857a2
6bf764a3a03b9f8ec9fb016e986469ffb95d9d2b049fe0808af5e57e40f2eb0d
6c227d4b3a58b2da51e7f802928dc116792b930de8c90436a5fc77b9cac4da58
6d1181b4172cb366aa983b9233653c810be723ca9076bf999cf79056a5644a9a
6eb1d97374d7d109c419a5b5d30eb49e6e57095ceea9e60945301a0d359b32cf
6f64f65d90659d2edf7326b50c7280a4d4672876dc0afb6763904f2ac72db128
70579a52ec2778d10dc5bf83a705218aaf74f8568e7f6196ea7ee06de21afc40
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
718dea75aca724482dd10ddb8db6c7db5cf12d8592821eedc2f544d22ebb904c
72eb47be0de224add691e0ad18bf8ff3decae4be687d16893ae7bf2be0759fed
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
74e814cb7ef9a3e7fe7f2ad10dc8d4a808d906724372d926726233fa1c9782e1
7577dc43959f1ae737b059bc7fa11d60b2e718e49a13c5f1a273fcd790817b42
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
77d8eff429a1fed25ca79b8a2de7ee537e20a422cf8e8ca765662ae69c207747
786fee4f218168667336172b2193b3cb92dbfb87954c308883b7d1f61f859eee
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
793efe1cc1e83c8fca81379345e9839522e2d30f20cd5ab67cb3058e1a0d259e
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7aa01b65ddab63af081b179c28164c663a40e042b2ba1fed2644ee6f9d2a211d
7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235
7bea74a8949fb8732fcd7fa98dc7f441dde603024aa79ddd781521c85dd33b93
7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7
7d7dea60fa923ab7d7120f0c2e05888e781939006d0777b63ef9148ebdd623f2
7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac
7e436efe4ae1cd0ebb3e5fef30ea54de8151e1dfabd9cdc0abe1b87e7b216183
82c3ed6ff4ab2a922e388aa0ae0894d86036393ebff63f2e7e74efa9f708cad5
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84d565061e82749bb38cc4a7c70297d3bf134a3074aff197428cb143ba75cacd
856ce219bdcd760fdc25dde2a71706432f91cf992090c23c5bcd9993307b1963
86c269f58ff013e4c961ae50583e44adfd794f0d415030a549cf2f92db0295b3
8733b39a436446087849b1973adc5f9b17b022b9221a7923fa6cb7d8ba457796
8773f887e6d0472f166df5c8d38f43a81ac55d5174ebdd9f5d9fb6e53961fa8e
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
887141ac69ccb8ecfaddb08bf1a9c90e7e29b95e6e922517d3e0361c9cec48da
88c4ce8d34a9daa60952a5e3c77f6a430e87ef15ad67d03105131dcdeb04131d
893272f386161bc5de59f161622195fa4cc580b63e4f49d21d495394a3e09972
895435ec098cfc5f2104cc44548c00dcf4ac85dde3ff48767a1b29e523d0166a
8979dc16b9b5575e7bddafe0e522d75f67389d497eee79e681d36acf3de40f5e
8a54678a170753e895ffbe8235a0beef8349dd7e116ee31c1f1da75d7dac9463
8b659f72017df1d6cdc07307be915ec445d7640648eda9f055cffa10dafdc722
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8dc3b246bdd50fb0e58757d0ea57926403274d2ac4a13ed41b6271a2a8c497d9
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
905466c4c23e5a91083c0e4547fb6c7c6d35adb11f3f4e3d64be8198b7545cd6
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
914129dccbcf219e8ed8763acebdd2869e0e40f36cadf9cb5d28aaa16f4afc89
93295644da9af673ecf074ce2a3962f685662b6f69c498a77a37e4708b84ce5b
93398887feeae6379c164b5421590428a861e7454218df7d47fb5166a31dbf35
9476d7e6920afc7f1516f2af4c91bbce909a66c462a8cef4bac868f6a3218015
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
96365d0efa97cf43a947425785b2bad3f7eb518f6222143d2674cbf29fe92d3a
986036fffea7b52937718badd063cc28a6da29792e6df5c0176b302008928381
9a3f9f49a9ba57c33ca230ee9e8a99022b4f8ac7219bb522c6e77a52f3e5fca0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2e4e684cdadbc294776f003aca54c0b210adabebaf526e8a8201b8846c9a45
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
9d4f4a863418edc852e61c4f78f2ef061e033eeb7b86ea9e44e35064b0c6d58f
9eec64368167047f9d996ee210b6d3bb01980aabadd30d0c9a65c6ed78bbd35e
9fd72153ba3e8a36d7e6a93d9bd5acb61f8f1cde905b95955a10761aa7e3636d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a04eeb1dc4fd30ad1df9388b95522ea4bfce3f72e5f142463ef648af8cad88c1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a077de71def62bda94d78d94c47d1ef808b181f7ac824de9d0d835f169cb5bcb
a0a8aafea7c182cd50d239de71da565129cb1110563f5c87ede4f0bdd740008f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84e073be90f3b8a06645947c17b4059cc3e2930c96661210e19504efb706331
a904cee9c6ca0cd7a89c18dc4dfef8aa058220c8e2a6b5c91725daae52730153
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa6f4107b5a29a1b3d1e0fb085191dcd7d8bb9497ae061d1e1304abd20891f86
aab9e2e7c2f73090b47d4bfd4c17c79b9cfbf629e28d86a15bd79c414d7e2ec4
ab4481a0bd675bbcdb7eda1f4922f43cfce3e559aa83bffe6ec366e5a69f3529
ab57c993f9bec3e2dd09d19bda6798a7f425d6e0a8ef02235b29426945e4f75c
adc8fc28b66827d96a76ac5be9c44ccea9d61249418820bedd9092c16775ac3a
ae07ae363826bb4478d2028eebbf5b01267fa4afa9af5aec85e00ac13c3e8736
b1d8189f87b428e1e35303478ce05cf5100756c6deaf1e8517be0c2d5554c87c
b267a4cc065aca882faaa89c18de0dbf47ed477b17aa66cb4e7b0a7ec0500de8
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60
b3d51febc76d9c9cea5a7d40b91f61b90849ebc62f33736965635645bfe0dad2
b667e8d278dfc8346665794b68b46193d5dec23f6702097f38af1d10d04cd1b6
b6d89e3b5fe9105c2adc070949d5b9f61a63700b8227950e4ea732b1c5699519
b8a7ef58a18433d97780ef0f3719ed0906fb0b11f4b981b534b21d1f037df2df
b961ec166a7ac458d9446ac0d639896f10dbffaed7b9155808c7045aad8d2ccd
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
ba07a6fa7d7cc4f6b5b28a85169014124073cd45e8673785154d9710624acbc0
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
bac8bfdee5ab72a4525e91652bdaad52eb1d2b078011efea385c3e19e9856472
bacf5d2cdcb9e75599240481a7a703be7aacb54e21cd79eca6f911e1654b546f
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc66ad27783be70669b8c4b460c063c26fd9ed92817677bf450bde49eb2bfbb5
bc6c5df0302e3c8f2b36c737e80f20a8f47be2c3b4095ff553f5330df327fd53
bd2e20285449891e71d348ad6ef598cb72e93b68c77347ec09ccf77d26e13c46
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be3b3f8bcc205f0f728a2685dee3d14485eeaa47df92478fc27f6b90f314a9c6
bef85c203e1a4b34bbf59056e87f69126fa458a3fa652a17c1780acb51e8d390
bff6fe2953477c19b112787a90875cba98f8fc5204e4c455fa3a70f700188269
c1886d63d3c5161dd67737d6fcc76e041f04ef3e391515b27fa7aa876c6e2e5e
c204114b876a9686bc7ed4d2cf1c5afb633128d28d9297076c46133531cbae0d
c29fb37699996df1d4eb577635c7e9a2b159abf4e95fd99101ddd20f421f5d63
c450f4419a73ab06aaae1220e35d5e3f591ec2bac0df3022a35957cea2f0b019
c47059aea1c35a75cce187a3921d7f7da3a2947879b6b6b4fce5fb1abab844b6
c4e0888c40cfca458708441e611877ea3facd789ffc92acf54a49cc45982d833
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c71cfdc5d8624558e2cc670a0dfacfca40f7bafd4f1393ed067e4e381ad8e6e5
c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251
c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a
c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e
c8c988c79598cda1ad13c85b07b9360ccf0ce6197d3230a33191bcda60e435e4
c91cae9b3221f9c663c1e10d7f5d483fd4bfba33c7b480014ef85ea00011d755
c93d5f73d08ffaf9abb1a09408e8f1e4bf46c9c4fb3615e6b05e22f33ecbf9d5
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
c9af752bbb8158660879cf030c3a9ce8bdbf74c7c6bcf82ba7c7cd931474e05b
c9cea1b7c38f1c93b922c5ee7219f6fd2e82a8934671c6fea4ec1806d60f1daa
cc17d109139a33b161c661f209fc503ee7fcf8f7ebbbf3aaf535ed0ab2b8cc89
cc272e4da29927be89e8350b0718da7558b901533cf2e75345e3e8c1fbd82053
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccd0d28962618c48f75fc894dde961d87f9bf9c1a45ed23e0ffc27eabcad7bcd
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
cd919786e58a29bed6ae038fd3e7f514232525798fc80a3d1127a5d6c5c103f4
cdc6a672e24d84d0277383399879fb8a1d6e02cf7f1fab4fe2a31aa173ad9faf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf54b8a53344f53566d1ea2e98d67c2ddeb7db24e3c677fe05ffdf429fbd0637
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d18621f7385067fcfd7ddf9af42da75c9026a0d74be6db9580f5fbe6bf73dbce
d3053829bf9a78772c8b8db58750a3da92c64b0b879e8a1a87b980120882c857
d413187e7fd42a10ac03e4b166868be0fc8d0f38ed81e354de3f5176a29ef990
d451478e68967318296d36228990231513bc7f5e5de8c11d825f8061a4e5e6cd
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d5dc3810d345b69ede6455734f4efcd13ed56b902668192e7d2004c171591a8b
d7d3a1f1d411bc17aa4e2746644c556f941b7959c0ad85627970504f133b02c5
d801b155bd0191d276c94018809350abd09d21462f5171c9890f89a22d35a6c4
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544
db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114
dbe0cf6b50ec23fd38afc516f0b26906780ec018276247a735f51a47a7aa76fb
dcbc685b8a1523b56ad0a98003f93be8f0521ddc6aef1bea4d046d095281056d
dfe0de6e117fe3ddc32d7d5bc796bc279a336a4a70f8236eb9a45f743fad8e6f
e07ea1b84fe36566664a8778c0cec50ffc16dc60ba86b14a1c2c9b91430dea53
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e12b8e623681bd2be783140447a091eed228c7e3c76f96bdd99c9b4ad295baab
e18203607d02d9989274d62de14465c358a7e4304c7e6ae38c51defcf33b8811
e2e890ad66dcc4876c25577836c404e0435782f004e2be91f15924957b192322
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e461f1fc8c8c579ce2cfd14d323e118b437217a5deedd3d7e59e0a9d7e944b1c
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e5163e6cd7d935002ad61d64f98cf1d9250ee6b235b496d1799321e9de2255fc
e75ed43041906d7a1a30057773711c90085183a5f4563f5279cfb0519a3c4ed8
e8bcbffbb8d6c67382224ce3dcc606693d1ffe08545805c167be22f9f0ab12fa
e9b89ecf2f1c82dd24767bf40b899e44a7f68c30ec08ed836ad5a51683d470c9
ea6f21037126fc3c7dd89866d96b0d0ff3bc01f95de99f63455152983c038897
ebe43817c43c329b2bcf2d0c367782a3085ca9afe0134f56c778be2dfc5bd4d2
ebf831c917cc19797fad0a9243ad955a1f6e57183ad27c2ac123cecb29782bd7
ed5a11894c21c008675badc52c7d06a2b7c37789074ea71fad33c3f449048d1e
ed79ab516c86cb0b3da37d48ebca6f7b1f0b979325cb02db26bf5208cf00dbd9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f054bf0870f8a7262d7c6a7c35cb1ceb67823f501c4bf19b8389849fe3cf9838
f0937d59e951f9d42c0310cacb254db635a47484e629e422c89e26d6c66855a5
f0f3340fc6c123ddbe3825a916fe5548281cc4cafb8c23ea318a2cb7c28e80ed
f106845da8d75308aa0249515b14b9b221aae3205b375a542d9d394db1c6b19a
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f2414ab12452cc03536f57825be35dc826d99280686ba47b325cfa9cd8e1bd59
f2748fdac882bab3f3e1215e9946e0bb4a1b8a1af4c9a6b124e86ceda52ec531
f3039063bdeeddc487f9a6e8f625e1a10c8a37ec37e2707a3a3835aba0fc8686
f30711901769b5fad09214da2177589c15425a1748c77d332334fd15ed7859b9
f42a6f4e26973a155c49e196427504f906c2f2b1762ffa42a406a54e5508fcc0
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39
f4fcea89d430967c0e79d7d860cdc150b8171e52f55b2455509535a9c7d5290a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f691f8ca77961efc68a2a3a39eb5fee440a429949574cdd5a23cef733b46ff0d
f6df7b488b1ab42585bafc529260e7c3c570814468941d1661eeb99a9412654c
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f871c8d6424aa5a8530ea92821770a3d5978c65b57991c8715f6a271f9237136
f8dc66a646d00dcaa6a2204e194a8b209b9c5bbf6251b4f93b9824c62ab51317
f8f74f1f91a40d18dd712f6885477847d1cf5003f806d342ec01d3504a31354d
f987b7beba9c09d83e550788b3dc5190d20c705f744fcedb14a541211b5db0ec
fbb11119f3f51ec2a0c08098383de743c39b7c5965874a0cc96141ab2ad8ca37
fbc7f65ca041dae8328e56172d00958d2cbc86da6495d87f41e5af649ab14658
fbf349f19615afdff2553d69fadec7df40fb8c78e1340ce515c6d4108faa55b5
fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
fcda0d22ebce051cb16ed4389df05f7d73848a9fadfaca22e50c06f5a5d270a1
fd42eb21f950a6ebd0e3eb2b9194232ddb6e1421fab1503b03a6d16a7476aecc
fdf2f275281389761bd5b701c1e75b132344a8b070ccefe9733411147b92fe54
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75