urlscan.io logo urlscan.io
SecurityTrails logo

newsyou.info Open in urlscan Pro
185.248.101.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Effective URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Submission: On December 23 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 91 IPs in 11 countries across 91 domains to perform 530 HTTP transactions. The main IP is 185.248.101.21, located in Russian Federation and belongs to IPSERVER-RU-NET Fiord, RU. The main domain is newsyou.info.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 23rd 2021. Valid for: a year.
This is the only time newsyou.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
37 185.248.101.21 44812 (IPSERVER-...)
10 2a00:1450:400... 15169 (GOOGLE)
2 85.192.12.170 12695 (DINET-AS)
31 62.76.25.27 61400 (NETRACK-AS)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
1 165.22.198.175 14061 (DIGITALOC...)
5 93.95.100.117 48347 (MTW-AS)
6 27 104.19.132.78 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
11 79.171.117.17 64494 (VARITI-AS)
41 146.59.44.106 16276 (OVH)
2 2a03:2880:f02... 32934 (FACEBOOK)
8 85.192.12.174 12695 (DINET-AS)
6 80.211.42.243 31034 (ARUBA-ASN)
12 147.135.189.55 16276 (OVH)
1 2 88.212.201.198 39134 (UNITEDNET)
1 1 91.198.36.16 43405 (DIGITAL-V...)
1 91.198.36.78 43405 (DIGITAL-V...)
3 2a00:1450:400... 15169 (GOOGLE)
3 7 2a02:6b8::1:119 208722 (YNDX)
2 193.200.65.18 6681 (GIVEME-CLOUD)
8 82.192.82.4 60781 (LEASEWEB-...)
3 22 2a00:1450:400... 15169 (GOOGLE)
3 185.187.81.41 43332 (IDSTRATEG...)
1 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 193.106.92.202 48614 (ITSOFT-AS)
2 143.204.98.58 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
8 185.148.37.79 48347 (MTW-AS)
2 77.123.132.42 35680 (VOLIA)
2 193.200.65.5 6681 (GIVEME-CLOUD)
2 4 31.220.27.134 39572 (ADVANCEDH...)
2 136.243.84.75 24940 (HETZNER-AS)
2 34.120.139.69 15169 (GOOGLE)
1 3 193.232.150.148 48061 (UMA-TECH-AS)
3 37.18.16.16 205675 (HYBRID-AS)
3 217.65.2.150 3175 (CITYTELEC...)
7 7 46.4.121.26 24940 (HETZNER-AS)
2 2 159.69.74.7 24940 (HETZNER-AS)
2 2 195.201.243.71 24940 (HETZNER-AS)
6 6 96.46.186.57 7979 (SERVERS-COM)
4 4 144.76.118.233 24940 (HETZNER-AS)
9 185.148.37.26 48347 (MTW-AS)
9 145.239.108.234 16276 (OVH)
3 94.23.153.171 16276 (OVH)
1 2 89.108.119.28 197695 (AS-REG)
14 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
3 2600:1901:0:7... 15169 (GOOGLE)
42 2606:4700:20:... 13335 (CLOUDFLAR...)
4 93.95.102.105 48347 (MTW-AS)
2 2 195.209.108.46 52007 (ADRIVER-AS)
3 185.29.134.249 30419 (MEDIAMATH...)
2 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638:1::11 44788 (ASN-CRITE...)
7 178.250.0.139 44788 (ASN-CRITE...)
2 178.250.2.148 44788 (ASN-CRITE...)
1 1 146.0.227.110 29066 (VELIANET-...)
1 193.200.65.6 6681 (GIVEME-CLOUD)
4 46.4.10.47 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
1 1 54.154.122.160 16509 (AMAZON-02)
3 21 172.217.18.98 15169 (GOOGLE)
4 4 18.196.159.27 16509 (AMAZON-02)
2 4 35.244.174.68 15169 (GOOGLE)
4 35.186.253.211 15169 (GOOGLE)
4 4 185.64.190.78 62713 (AS-PUBMATIC)
1 4 2600:1f18:445... 14618 (AMAZON-AES)
2 4 79.137.69.120 16276 (OVH)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
3 77.123.132.26 35680 (VOLIA)
3 138.201.63.145 24940 (HETZNER-AS)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3 69.173.144.139 26667 (RUBICONPR...)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2 104.111.215.191 16625 (AKAMAI-AS)
2 178.250.2.150 44788 (ASN-CRITE...)
2 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
8 46.236.13.147 12703 (PULSANT-AS)
3 4 142.250.184.198 15169 (GOOGLE)
1 54.76.176.197 16509 (AMAZON-02)
1 3 104.111.239.217 16625 (AKAMAI-AS)
5 217.67.179.205 29226 (MASTERTEL...)
4 143.204.98.61 16509 (AMAZON-02)
8 104.19.135.78 13335 (CLOUDFLAR...)
8 8 84.200.5.215 31400 (ACCELERAT...)
2 2 88.99.63.132 24940 (HETZNER-AS)
2 82.113.101.132 6805 (TDDE-ASN1)
2 2 78.46.85.162 24940 (HETZNER-AS)
2 82.113.101.236 6805 (TDDE-ASN1)
1 148.251.139.77 24940 (HETZNER-AS)
1 2a0c:5c81:509... 55081 (24SHELLS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
2 2 52.31.83.126 16509 (AMAZON-02)
5 5 18.195.128.93 16509 (AMAZON-02)
1 1 87.98.128.108 16276 (OVH)
1 104.16.199.73 13335 (CLOUDFLAR...)
2 2 3.33.220.150 16509 (AMAZON-02)
2 2 35.212.212.222 15169 (GOOGLE)
2 2 109.206.161.21 50245 (SERVEREL-AS)
1 1 185.86.138.120 201081 (SMARTADSE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 213.19.147.44 26120 (RHYTHMONE)
1 104.19.217.61 13335 (CLOUDFLAR...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
1 69.173.144.138 26667 (RUBICONPR...)
1 8.39.36.141 26667 (RUBICONPR...)
8 3.248.87.88 16509 (AMAZON-02)
530 91
37    185.248.101.21 (Russian Federation)

ASN44812 (IPSERVER-RU-NET Fiord, RU)
newsyou.info
10    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    85.192.12.170 (Russian Federation)

ASN12695 (DINET-AS, RU)
vcmjf535tx.ru
31    62.76.25.27 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)
ocmurc.com
8    2606:4700:10::6816:284a (United States)

ASN13335 (CLOUDFLARENET, US)
jsn.24smi.net
1    165.22.198.175 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
calculator.codes
5    93.95.100.117 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
news.2xclick.ru
news.gnezdo.ru
27    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cm.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
3    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
11    79.171.117.17 (Russian Federation)

ASN64494 (VARITI-AS, RU)
ppvesdfiojol.com
41    146.59.44.106 (France)

ASN16276 (OVH, FR)
PTR: vps-63464c75.vps.ovh.net
a4p.adpartner.pro
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
8    85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)
pxksnymto.ru
dmpprof.com
dprof.site
6    80.211.42.243 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: host243-42-211-80.serverdedicati.aruba.it
telegram.im
12    147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com
m.mixadvert.com
2    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
1    91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: r.i.ua
r.i.ua
1    91.198.36.78 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: sh02.mi6.kiev.ua
i.i.ua
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
2    193.200.65.18 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: utarget.pro
utarget.ru
8    82.192.82.4 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: lw2070.ua-hosting.company
data.24smi.net
22    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
3    185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zmctrack.net
loadercdn.net
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    193.106.92.202 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
PTR: rav4ever.ru
prodmp.ru
2    143.204.98.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-58.fra50.r.cloudfront.net
openfpcdn.io
14    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    185.148.37.79 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi5.gnezdo.ru
2    77.123.132.42 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 42.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
2    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
4    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    136.243.84.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de
recreativ.ru
2    34.120.139.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.139.120.34.bc.googleusercontent.com
dsp-trk.eskimi.com
3    193.232.150.148 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp15.sender.ltmse.com
px.adhigh.net
3    37.18.16.16 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
3    217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)
match.new-programmatic.com
7    46.4.121.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info
www.acint.net
2    159.69.74.7 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1290151.sapientru.net
ssp-rtb.sape.ru
2    195.201.243.71 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info
acint.net
6    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    144.76.118.233 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.233.118.76.144.clients.your-server.de
exchange.buzzoola.com
9    185.148.37.26 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
zn3.2xclick.ru
9    145.239.108.234 (France)

ASN16276 (OVH, FR)
PTR: d5.mix.storage.badvps.com
i.mixadvert.com
3    94.23.153.171 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: d5.mix.site.badvps.com
mixadvert.com
2    89.108.119.28 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru
x01.aidata.io
14    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
42    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
4    93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi4.gnezdo.ru
2    195.209.108.46 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
3    185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
2    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
7    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
1    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
4    46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de
hal9000.redintelligence.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    54.154.122.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-122-160.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
21    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
4    18.196.159.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com
d.agkn.com
4    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    2600:1f18:445b:903:c624:a695:f9d2:6242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ag.innovid.com
4    79.137.69.120 (France)

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl
googlecm.hit.gemius.pl
7    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    77.123.132.26 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 26.132.123.77.colo.static.dcvolia.com
img.adpartner.pro
3    138.201.63.145 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de
hal900010.redintelligence.net
3    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
1    2606:4700:20::681a:34 (United States)

ASN13335 (CLOUDFLARENET, US)
img.servestatic.net
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
2    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Mannheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
8    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
4    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
8019191.fls.doubleclick.net
ad.doubleclick.net
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
3    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
5    217.67.179.205 (Balashikha, Russian Federation)

ASN29226 (MASTERTEL-AS Moscow, Russia, RU)
PTR: 217-67-179-205.in-addr.mastertelecom.ru
guepslka.com
4    143.204.98.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-61.fra50.r.cloudfront.net
analytics.webgains.io
8    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
8    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    88.99.63.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de
partner.o2online.de
2    82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
2    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.blau.de
2    82.113.101.236 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de
portal.blau.de
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    52.31.83.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-83-126.eu-west-1.compute.amazonaws.com
ad.360yield.com
5    18.195.128.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-128-93.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    87.98.128.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-87-98-128.eu
green.erne.co
1    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
2    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    185.86.138.120 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
8    3.248.87.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
46 adpartner.pro
a4p.adpartner.pro
file.adpartner.pro
img.adpartner.pro
223 KB
45 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
8019191.fls.doubleclick.net
ad.doubleclick.net
99 KB
42 ad4m.at
as.ad4m.at
ad4m.at
assets.ad4m.at
1 MB
37 newsyou.info
newsyou.info
2 MB
35 mgid.com
jsc.mgid.com
cm.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
467 KB
31 ocmurc.com
ocmurc.com
600 KB
24 mixadvert.com
m.mixadvert.com
i.mixadvert.com
mixadvert.com
392 KB
24 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
325 KB
18 gstatic.com
fonts.gstatic.com
307 KB
16 criteo.net
pix.eu.criteo.net
static.criteo.net
csm.eu.criteo.net
879 KB
16 gnezdo.ru
fcgi5.gnezdo.ru
news.gnezdo.ru
fcgi4.gnezdo.ru
28 KB
16 24smi.net
jsn.24smi.net
data.24smi.net
50 KB
14 googleapis.com
fonts.googleapis.com
9 KB
12 webgains.io
analytics.webgains.io
api.webgains.io
205 KB
11 ppvesdfiojol.com
ppvesdfiojol.com
126 KB
10 2xclick.ru
news.2xclick.ru
zn3.2xclick.ru
265 KB
9 acint.net
www.acint.net
acint.net
3 KB
8 webgains.com
track.webgains.com
63 KB
8 rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-us-west.rubiconproject.com
13 KB
8 google.com
adservice.google.com
www.google.com
871 B
7 redintelligence.net
hal9000.redintelligence.net
hal900010.redintelligence.net
57 KB
6 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
11 KB
6 googletagservices.com
www.googletagservices.com
219 KB
6 betweendigital.com
ads.betweendigital.com
4 KB
6 telegram.im
telegram.im
21 KB
5 bidswitch.net
x.bidswitch.net
3 KB
5 guepslka.com
guepslka.com
144 KB
5 criteo.com
rtb.nl.eu.criteo.com
ads.eu.criteo.com
cat.nl.eu.criteo.com
50 KB
5 yandex.com
mc.yandex.com
3 KB
4 blau.de
partner.blau.de
portal.blau.de
4 KB
4 o2online.de
partner.o2online.de
portal.o2online.de
4 KB
4 lead-alliance.net
www.lead-alliance.net
3 KB
4 telefonica-partner.de
www.telefonica-partner.de
1 KB
4 gemius.pl
googlecm.hit.gemius.pl
984 B
4 innovid.com
ag.innovid.com
1 KB
4 pubmatic.com
image6.pubmatic.com
2 KB
4 openx.net
rtb.openx.net
543 B
4 rlcdn.com
id.rlcdn.com
2 KB
4 agkn.com
d.agkn.com
3 KB
4 mathtag.com
tags.mathtag.com
pixel.mathtag.com
3 KB
4 dmpprof.com
dmpprof.com
2 KB
4 buzzoola.com
exchange.buzzoola.com
760 B
4 uuidksinc.net
s.uuidksinc.net
907 B
3 awin1.com
www.awin1.com
2 KB
3 new-programmatic.com
match.new-programmatic.com
645 B
3 hybrid.ai
dm.hybrid.ai
712 B
3 adhigh.net
px.adhigh.net
1 KB
3 trafmag.com
t.trafmag.com
m.trafmag.com
1 KB
3 prodmp.ru
prodmp.ru
489 B
3 google.de
adservice.google.de
1 KB
3 google-analytics.com
www.google-analytics.com
40 KB
3 cloudflare.com
cdnjs.cloudflare.com
40 KB
2 creativecdn.com
creativecdn.com
687 B
2 e-volution.ai
sync.e-volution.ai
918 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
754 B
2 adsrvr.org
match.adsrvr.org
906 B
2 360yield.com
ad.360yield.com
611 B
2 dprof.site
dprof.site
1 KB
2 medialead.de
pv.medialead.de
2 KB
2 addthis.com
e.dlx.addthis.com
1 KB
2 quantserve.com
cms.quantserve.com
844 B
2 adriver.ru
ad.adriver.ru
1 KB
2 aidata.io
x01.aidata.io
931 B
2 sape.ru
ssp-rtb.sape.ru
1 KB
2 eskimi.com
dsp-trk.eskimi.com
324 B
2 recreativ.ru
recreativ.ru
219 B
2 openfpcdn.io
openfpcdn.io
842 B
2 zmctrack.net
s.zmctrack.net
24 KB
2 utarget.ru
utarget.ru
49 KB
2 yandex.ru
mc.yandex.ru
66 KB
2 i.ua
r.i.ua
i.i.ua
2 KB
2 yadro.ru
counter.yadro.ru
1 KB
2 pxksnymto.ru
pxksnymto.ru
96 KB
2 facebook.net
connect.facebook.net
84 KB
2 vcmjf535tx.ru
vcmjf535tx.ru
61 KB
1 lentainform.com
cm.lentainform.com
495 B
1 1rx.io
sync.1rx.io
107 B
1 zeotap.com
mwzeom.zeotap.com
453 B
1 smartadserver.com
ssbsync.smartadserver.com
345 B
1 idealmedia.io
cm.idealmedia.io
413 B
1 erne.co
green.erne.co
294 B
1 adtelligent.com
s.adtelligent.com
sync.adtelligent.com Failed
880 B
1 congstar.de
banner.congstar.de
517 B
1 ad-server.eu
ad-server.eu
312 B
1 media01.eu
pb.media01.eu
630 B
1 servestatic.net
img.servestatic.net
12 KB
1 everesttech.net
pixel.everesttech.net
431 B
1 admixer.net
inv-nets.admixer.net
497 B
1 loadercdn.net
loadercdn.net
169 B
1 googleadservices.com
partner.googleadservices.com
645 B
1 calculator.codes
calculator.codes
20 KB
530 91
Domain Requested by
41 a4p.adpartner.pro newsyou.info
a4p.adpartner.pro
37 newsyou.info newsyou.info
pagead2.googlesyndication.com
31 ocmurc.com newsyou.info
ocmurc.com
21 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
newsyou.info
20 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
newsyou.info
18 assets.ad4m.at as.ad4m.at
18 fonts.gstatic.com fonts.googleapis.com
14 tpc.googlesyndication.com googleads.g.doubleclick.net
14 cm.mgid.com 6 redirects jsc.mgid.com
newsyou.info
14 fonts.googleapis.com client
newsyou.info
googleads.g.doubleclick.net
cdnjs.cloudflare.com
vcmjf535tx.ru
hal900010.redintelligence.net
12 ad4m.at as.ad4m.at
ad4m.at
12 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
12 m.mixadvert.com newsyou.info
m.mixadvert.com
11 ppvesdfiojol.com newsyou.info
ppvesdfiojol.com
10 pagead2.googlesyndication.com newsyou.info
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
9 i.mixadvert.com newsyou.info
m.mixadvert.com
9 zn3.2xclick.ru newsyou.info
news.2xclick.ru
8 api.webgains.io analytics.webgains.io
8 s-img.mgid.com newsyou.info
8 track.webgains.com newsyou.info
googleads.g.doubleclick.net
as.ad4m.at
8 fcgi5.gnezdo.ru news.2xclick.ru
newsyou.info
8 data.24smi.net jsn.24smi.net
8 jsn.24smi.net newsyou.info
jsn.24smi.net
7 static.criteo.net ads.eu.criteo.com
7 pix.eu.criteo.net googleads.g.doubleclick.net
ads.eu.criteo.com
newsyou.info
7 www.acint.net 7 redirects
7 jsc.mgid.com newsyou.info
jsc.mgid.com
6 www.googletagservices.com googleads.g.doubleclick.net
6 ads.betweendigital.com 6 redirects
6 telegram.im newsyou.info
telegram.im
5 x.bidswitch.net 5 redirects
5 guepslka.com newsyou.info
5 mc.yandex.com 2 redirects newsyou.info
4 www.lead-alliance.net 4 redirects
4 www.telefonica-partner.de 4 redirects
4 analytics.webgains.io track.webgains.com
4 googlecm.hit.gemius.pl 2 redirects googleads.g.doubleclick.net
4 ag.innovid.com 1 redirects googleads.g.doubleclick.net
4 image6.pubmatic.com 4 redirects
4 rtb.openx.net googleads.g.doubleclick.net
4 id.rlcdn.com 2 redirects googleads.g.doubleclick.net
4 d.agkn.com 4 redirects
4 hal9000.redintelligence.net newsyou.info
hal900010.redintelligence.net
4 fcgi4.gnezdo.ru newsyou.info
4 dmpprof.com pxksnymto.ru
4 www.google.com 1 redirects googleads.g.doubleclick.net
4 news.gnezdo.ru newsyou.info
news.2xclick.ru
4 exchange.buzzoola.com 4 redirects
4 s.uuidksinc.net 2 redirects newsyou.info
4 adservice.google.com pagead2.googlesyndication.com
8019191.fls.doubleclick.net
3 servicer.mgid.com jsc.mgid.com
3 www.awin1.com 1 redirects googleads.g.doubleclick.net
as.ad4m.at
3 pixel.rubiconproject.com 2 redirects newsyou.info
3 static-de.ad4mat.net as.ad4m.at
3 hal900010.redintelligence.net hal9000.redintelligence.net
hal900010.redintelligence.net
3 img.adpartner.pro newsyou.info
3 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
3 prod-rtb.ad4mat.net googleads.g.doubleclick.net
newsyou.info
3 mixadvert.com newsyou.info
3 match.new-programmatic.com newsyou.info
3 dm.hybrid.ai newsyou.info
3 px.adhigh.net 1 redirects newsyou.info
3 prodmp.ru pxksnymto.ru
3 adservice.google.de pagead2.googlesyndication.com
3 www.google-analytics.com newsyou.info
www.google-analytics.com
a4p.adpartner.pro
3 cdnjs.cloudflare.com newsyou.info
ads.eu.criteo.com
2 creativecdn.com 2 redirects
2 sync.e-volution.ai 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 match.adsrvr.org 2 redirects
2 ad.360yield.com 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 ad.doubleclick.net 2 redirects
2 portal.blau.de as.ad4m.at
2 partner.blau.de 2 redirects
2 portal.o2online.de as.ad4m.at
2 partner.o2online.de 2 redirects
2 dprof.site pxksnymto.ru
2 cdn.mgid.com newsyou.info
2 8019191.fls.doubleclick.net 1 redirects newsyou.info
2 pv.medialead.de 2 redirects
2 csm.eu.criteo.net ads.eu.criteo.com
2 e.dlx.addthis.com 2 redirects
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 cat.nl.eu.criteo.com googleads.g.doubleclick.net
ads.eu.criteo.com
2 rtb.nl.eu.criteo.com newsyou.info
googleads.g.doubleclick.net
2 ad.adriver.ru 2 redirects
2 x01.aidata.io 1 redirects newsyou.info
2 acint.net 2 redirects
2 ssp-rtb.sape.ru 2 redirects
2 dsp-trk.eskimi.com newsyou.info
2 recreativ.ru newsyou.info
2 t.trafmag.com newsyou.info
2 file.adpartner.pro newsyou.info
2 openfpcdn.io pxksnymto.ru
2 s.zmctrack.net newsyou.info
2 utarget.ru newsyou.info
utarget.ru
2 mc.yandex.ru 1 redirects newsyou.info
2 counter.yadro.ru 1 redirects newsyou.info
2 pxksnymto.ru vcmjf535tx.ru
ppvesdfiojol.com
2 connect.facebook.net newsyou.info
connect.facebook.net
2 vcmjf535tx.ru newsyou.info
vcmjf535tx.ru
1 pixel-us-west.rubiconproject.com eus.rubiconproject.com
1 token.rubiconproject.com eus.rubiconproject.com
1 cm.lentainform.com newsyou.info
1 sync.1rx.io newsyou.info
1 mwzeom.zeotap.com newsyou.info
1 ssbsync.smartadserver.com 1 redirects
1 cm.idealmedia.io newsyou.info
1 green.erne.co 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 s.adtelligent.com cm.mgid.com
1 banner.congstar.de as.ad4m.at
1 c.mgid.com jsc.mgid.com
1 ad-server.eu googleads.g.doubleclick.net
1 pb.media01.eu hal900010.redintelligence.net
1 img.servestatic.net newsyou.info
1 pixel.everesttech.net 1 redirects
1 pixel.mathtag.com tags.mathtag.com
1 m.trafmag.com newsyou.info
1 inv-nets.admixer.net 1 redirects
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 loadercdn.net newsyou.info
1 partner.googleadservices.com pagead2.googlesyndication.com
1 i.i.ua newsyou.info
1 r.i.ua 1 redirects
1 news.2xclick.ru newsyou.info
1 calculator.codes newsyou.info
0 sync.adtelligent.com Failed s.adtelligent.com
530 129
Subject Issuer Validity Valid
newsyou.info
AlphaSSL CA - SHA256 - G2		 2021-02-23 -
2022-03-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpizy1uy3x.ru
R3		 2021-10-27 -
2022-01-25		 3 months crt.sh
ocmurc.com
R3		 2021-12-14 -
2022-03-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-13 -
2022-10-12		 a year crt.sh
calculator.codes
R3		 2021-12-22 -
2022-03-22		 3 months crt.sh
news.2xclick.ru
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
ppvesdfiojol.com
R3		 2021-12-01 -
2022-03-01		 3 months crt.sh
adpartner.pro
R3		 2021-10-18 -
2022-01-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-02 -
2021-12-31		 3 months crt.sh
pwrlkyotm.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
telegram.im
R3		 2021-12-23 -
2022-03-23		 3 months crt.sh
m.mixadvert.com
R3		 2021-11-07 -
2022-02-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.utarget.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-06-09 -
2022-07-07		 a year crt.sh
*.24smi.net
AlphaSSL CA - SHA256 - G2		 2021-01-02 -
2022-02-03		 a year crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-21 -
2022-04-25		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
prodmp.ru
R3		 2021-12-14 -
2022-03-14		 3 months crt.sh
openfpcdn.io
Amazon		 2021-11-11 -
2022-12-10		 a year crt.sh
loadercdn.net
R3		 2021-11-26 -
2022-02-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
fcgi5.gnezdo.ru
R3		 2021-11-09 -
2022-02-07		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
uuidksinc.net
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
*.recreativ.ru
Thawte RSA CA 2018		 2021-08-23 -
2022-09-06		 a year crt.sh
*.eskimi.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-04-12 -
2022-05-13		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
new-programmatic.com
R3		 2021-10-24 -
2022-01-22		 3 months crt.sh
news.gnezdo.ru
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
zn3.2xclick.ru
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
i.mixadvert.com
R3		 2021-11-07 -
2022-02-05		 3 months crt.sh
mixadvert.com
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-12-21 -
2022-03-21		 3 months crt.sh
dmpprof.com
R3		 2021-11-23 -
2022-02-21		 3 months crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-25		 3 months crt.sh
redintelligence.net
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
ltmse.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
guepslka.com
R3		 2021-11-09 -
2022-02-07		 3 months crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-12-03 -
2022-03-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh

This page contains 55 frames:

Primary Page: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Frame ID: CE62DE3FDD8CA610C0CCE7964D9C890B
Requests: 253 HTTP requests in this frame

Frame: data://truncated
Frame ID: 8C36387A560B3DB6D79E86F732B5E82A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: EABB0BCC5603ADA0EF53056CA685224B
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 1F4BCEED9EFBFC16D3C573A6198DBE61
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&width=610&screen_width=1600&reload_count=0&banner_num=1640280693845818990&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Frame ID: CB30A22C8823EF3F168DE3F6AA05C0CC
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7882&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&width=300&screen_width=1600&reload_count=0&banner_num=1640280693846869038&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Frame ID: 63C41FB2234CB2C8E802D7066168027C
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&width=610&screen_width=1600&reload_count=0&banner_num=1640280693846882892&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Frame ID: F4D2F6FDCEF857262D4632C12B6624A0
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Frame ID: 0915807D3DA1C6ABF9C0F9923A092519
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&adk=1812271804&adf=1573534164&lmt=1640280694&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693852&bpp=4&bdt=635&idt=239&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3655874803963&frm=20&pv=2&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255
Frame ID: 70DCDBB65EEA56812227000AA6CF61B3
Requests: 1 HTTP requests in this frame

Frame: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Frame ID: 8372622A3764C5056C28F35B751A60DF
Requests: 24 HTTP requests in this frame

Frame: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Frame ID: EFA9AF0BBE3D3C891981BAF705A87E71
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Frame ID: 5DFE50335FF1661F3BAC1EB53909540B
Requests: 14 HTTP requests in this frame

Frame: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Frame ID: DE7B4268762DCC950541B673748C7322
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Frame ID: 9265E68881445360A2B61236DC893233
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Frame ID: 7724EC60FCA1A354004FB66FC5F50FED
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Frame ID: 33AA94352A933D6C121C1715A4C907FC
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: F980B3F7359451C1FD0C44C72A0DB58B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Frame ID: 1F54988201E37C9D88AA971238209AB7
Requests: 7 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: 44A99D0A59AF97802A0F6044F4E61E4E
Requests: 4 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2038647%2C%22cost%22%3A0.000157179%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b3c9b218-591b-4381-b28f-6d812a16aeda%22%7D%2C%7B%22ad_id%22%3A2297870%2C%22cost%22%3A0.000109135%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%222da18b2c-0bf1-471b-993b-c23925a974e6%22%7D%2C%7B%22ad_id%22%3A2287865%2C%22cost%22%3A0.0000614353%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%223b40b3ca-e8d7-48d7-83c9-60b69d4b35a9%22%7D%5D%2C%22unit_id%22%3A7460%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19%22%7D
Frame ID: 71FC7A477492D3B47A385B93CBE816B0
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2210828342-1aa9-4bc1-9264-c39322ab0588%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2260a3f0c6-3652-462d-8881-00f102e9fb7e%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2210945c96-76d8-423f-949f-1226611463e5%22%7D%2C%7B%22ad_id%22%3A1714798%2C%22cost%22%3A0.000399628%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229de5e9d3-06ca-4594-b1d2-4ce40a3aa533%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19%22%7D
Frame ID: 8F827395F4D06A466D3F20F278E1D73C
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25222050795f-e60c-4a1a-a498-75b1ba484640%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5555%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fnewsyou.info%252FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19%2522%257D
Frame ID: 4DBA4E9C2F51E07CBA2E703B3E5F0F1C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: BF17740246393D54B5EEBB50C412078A
Requests: 8 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: 5D79DE81C36DF7D69148BF7B5F8300CB
Requests: 4 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297875%2C%22cost%22%3A0.000731996%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22fdfbe9e9-f1f7-4b73-9701-7707a4dd81b8%22%7D%2C%7B%22ad_id%22%3A2004555%2C%22cost%22%3A0.000173399%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b5068207-a773-4e00-a1f6-3e15298a046d%22%7D%5D%2C%22unit_id%22%3A7882%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19%22%7D
Frame ID: CA465FCED0588FE06EEBB9B752EDE67B
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jz62s76cv5kygepzvnssvew8cetwqefh795rfsab85yqs4dq7c2fzgbedp4cvhg3ccbvtcthkyv803vg2hb11e67v5re0kvgfmcb32k341nqejkmjs84jfaz817mv2habfbc52rj78n4g0c89kqaneb765hj4wydws3x0war4yw6nr4h9bszxwtgkbbs15rtxv8qb329r672eeeg16ss57hswj9bpz1r232jrfbsj6qp87e938mfk0g3k0dmcfwavrmbzjmf83k1ck2sz7sxntv1n7z98r25zf5bttwpkfmmda0qyf5wvq6q1gn07mada80mb08rtqw292zx8q0fchp6b3x1nm2fv6n7r8c9h1tfxczkgcphbxnxnksr0kg8pbzg5y0ersbmpnyrdxyyc36jma3c1yhky3avhcqxgm5xn704mnsr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: 89631495A31FF86A6130A6D3B6B38730
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 03FD3737F4D0FE40413016103648FEE9
Requests: 9 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: 9F7D2E61BBD037D141919CFCEA9A898C
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: 8F4E6FF17B23BCA6AC228873C7A3CB3A
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CZPQNdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoElgJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzrN_FoQm5VDRPKYy5InYuCStLQ25Lx1fGIzvCT-gssxyp2l1Dyhv4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=8qg5Y3aD7f8&uach_m=[UACH]&cid=CAQSOwCNIrLMxznfFZtD2NUlVkQQ2nZGJ5kxKmtQJHAGpdulYs_nVLX-Uh-Ft2dmLYUCtnrxvBRav703KmQ-GAE
Frame ID: 074FBE0DE189B4C0837B8533EE94BA09
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gveb4pjasy65z0ecmjp43ym5np0f8yd650yy1f0wj2hvsb1xag033549f1bk8j05m56m9gs4bjb193j93zhaqjepk45sxq6vbtaf784hrja8e4sdesmmrgeex00hkcrv2fb8206vhsw45q9t47yer1xvs7w8nzm27dzx60pa9gqtcwnz6qr239fr4c8dpcznp562mrmghv2k5j6z8ke3rvahtbr9ksh88az7gt81g427atjyww6w5ggehy29mnjxq540stjfe68d7e4ydkexx9qypc6sqv3zra7azyxgsmn0gmt2k90jh7ryrybq157f404w92hdez28w4mevrq6tgcz7e41tv3c3smzra5777k74bjzy2ha5vtge3cjrfbt5e0vp8ewph9zd7sca78e9wfcaqfwt4s586sx9whbfmz1pnbefzdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: 5B502014702B631BA82FBADB675360EB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5706DD7413294F2E7922E1A3D0D32466
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gh7sbw49cdt078yg6x9b1wxwvxvm608w7mhb8t6ex9wq8c98p51p20t0xn77qwy0wt13bqg5zsrr7s0t09pf7v2av08zr1x89z7hkbmyae704mta1xz1tgmyqshzfsrtrrc5g4pw4kyxnm3dx2wee16vcpqm3fp74jxxm4x45qh4gvwa2r11j8wp3fh7k1d7415fqjqvx6v710wcnrr0vacn2r1709ccjbgmn7g81dc0f4wee69v56q0fzq4eybgnwmtgptphdp94qxyqcfz1magyb136v6jkmps5ztb6wxbjysgrqwwcfy66j10jgsh0k8kzaws678epksewnmmpqkz47v7faj2w16j9cn8pbeh6rvdyefggjm3gwcxqvevyw3t36xdaaa4tj7c8qkxeb1qd6qaxv078tacw63gvxpst6e3p96c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: 9CBBB40E6818DB6C6A01863D151E59E5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9FFC0F689E8078ABFCFB70F8F8873ED2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BCB251838EEE1A80E5DE257DD6663D2B
Requests: 2 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: 1DFF3282773A39922F3F2D581EC098FD
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2257fd3843-b9bf-43a7-b337-c737b13fb832%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2256c97c97-a492-451c-8a3a-992fd590f33d%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b233dcba-9496-48e4-8ec9-c29bf0dab1a6%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Frame ID: 418EE349450043DEBEF43E829783E4F2
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2257fd3843-b9bf-43a7-b337-c737b13fb832%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2256c97c97-a492-451c-8a3a-992fd590f33d%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b233dcba-9496-48e4-8ec9-c29bf0dab1a6%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Frame ID: 28B905FAD9F895745A414504711D56DF
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FA4D093CA6DBB6039AC236ABAF361879
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7EE2195B79453941EFE400BF4ECC4A60
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2033F4374ADA36E7967F398726E3B981
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75101400161994200951393011817010&actionid=731824&produktid=businessgiro&dt_url=
Frame ID: 5F5908FED86A636E8BC37B6CBAFD7497
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPa7iuK5-vQCFUJxGwodYyQIFQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=207925076857.97546
Frame ID: 0528CA28E880B71FD4860D2106942B1F
Requests: 2 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=75101400161994200951393011817010&a=1ac3d655
Frame ID: 687F9468655A2F42F6186F32CB79F3B4
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 48D9DF370FEABA142348154422232BBE
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: 551D0A517CB7551F458FB451C6920642
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: 6150BCDE7B0E1421603B9848560893EF
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: F4D0255D1B38DF47E4ED429622BA4089
Requests: 14 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1640280697062879751885
Frame ID: 52BC1A248D24DC9B563031F84C66C680
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 5B43E40733A1B729D127C6B4B7259887
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Frame ID: 100D82FE593C0244E7CCEE68ED007F25
Requests: 4 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2257fd3843-b9bf-43a7-b337-c737b13fb832%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Frame ID: 30D46819D38BA900F09F13C9C7C08F74
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2256c97c97-a492-451c-8a3a-992fd590f33d%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Frame ID: 32CA386B49BEB65131638903DD08B1CB
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b233dcba-9496-48e4-8ec9-c29bf0dab1a6%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Frame ID: 6BEC272ACB0914A85FBACD98129AB044
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2257fd3843-b9bf-43a7-b337-c737b13fb832%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2256c97c97-a492-451c-8a3a-992fd590f33d%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b233dcba-9496-48e4-8ec9-c29bf0dab1a6%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Frame ID: 455583FDBE6761D892AF684ED9FAEB41
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Шмыгаль рассказал, когда в Украине разрешат введение бустерной дозы вакцины от COVID-19 - Новости Ю

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 80%
Detected patterns
  • hit\.gemius\.pl
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

530
Requests

88 %
HTTPS

22 %
IPv6

91
Domains

129
Subdomains

91
IPs

11
Countries

8636 kB
Transfer

12722 kB
Size

139
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19;0.665050038941615 HTTP 302
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19;0.665050038941615
Request Chain 60
  • https://r.i.ua/s?u224079&p264&n0.860804998418679&c1&d24&w1600&h1200&rnewsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19 HTTP 302
  • https://i.i.ua/r/3_3_1.png
Request Chain 96
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280694&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693856&bpp=4&bdt=639&idt=357&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AAYAgmHbvF&p=https%3A//newsyou.info&dtd=362 HTTP 302
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Request Chain 104
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9496.mY4pIUR4Lau-kCeV1wqlUn1Yn03QLQIGUM9gKqUgeShyUVrZJU1tpla17bTwJ0yZ.BuWRfOV53KP2TL2nadoqqo5ifiw%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9496.BaFwk9JnTfvtSX_ObjWcqFq_NxpfJQ4lFoe8v6QLrya-piB9bVNA94E-SE3Qcr-myGPfO0_qDbg1ewfIarFvow%2C%2C.6lZ-SPyqk8I0R3bPQk7O1vRD21o%2C
Request Chain 107
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693860&bpp=2&bdt=643&idt=435&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=948&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LbfZG4RasH&p=https%3A//newsyou.info&dtd=439 HTTP 302
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Request Chain 122
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693863&bpp=1&bdt=646&idt=501&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=uz2d4jNZFk&p=https%3A//newsyou.info&dtd=505 HTTP 302
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Request Chain 144
  • https://mc.yandex.com/watch/44453875?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1552%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1627649892689%3Ahid%3A788831796%3Az%3A0%3Ai%3A20211223173134%3Aet%3A1640280694%3Ac%3A1%3Arn%3A872272967%3Arqn%3A1%3Au%3A1640280694190662448%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280692205%3Ads%3A0%2C162%2C697%2C2%2C1%2C0%2C%2C573%2C7%2C%2C%2C%2C1585%3Adsn%3A0%2C162%2C697%2C2%2C0%2C0%2C%2C573%2C8%2C%2C%2C%2C1584%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280695%3At%3A%D0%A8%D0%BC%D1%8B%D0%B3%D0%B0%D0%BB%D1%8C%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%D1%80%D0%B0%D0%B7%D1%80%D0%B5%D1%88%D0%B0%D1%82%20%D0%B2%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%B4%D0%BE%D0%B7%D1%8B%20%D0%B2%D0%B0%D0%BA%D1%86%D0%B8%D0%BD%D1%8B%20%D0%BE%D1%82%20COVID-19%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1552%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1627649892689%3Ahid%3A788831796%3Az%3A0%3Ai%3A20211223173134%3Aet%3A1640280694%3Ac%3A1%3Arn%3A872272967%3Arqn%3A1%3Au%3A1640280694190662448%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280692205%3Ads%3A0%2C162%2C697%2C2%2C1%2C0%2C%2C573%2C7%2C%2C%2C%2C1585%3Adsn%3A0%2C162%2C697%2C2%2C0%2C0%2C%2C573%2C8%2C%2C%2C%2C1584%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280695%3At%3A%D0%A8%D0%BC%D1%8B%D0%B3%D0%B0%D0%BB%D1%8C%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%D1%80%D0%B0%D0%B7%D1%80%D0%B5%D1%88%D0%B0%D1%82%20%D0%B2%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%B4%D0%BE%D0%B7%D1%8B%20%D0%B2%D0%B0%D0%BA%D1%86%D0%B8%D0%BD%D1%8B%20%D0%BE%D1%82%20COVID-19%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 149
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=2050795f-e60c-4a1a-a498-75b1ba484640 HTTP 307
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D10&cdsp=363190&user_id=2050795f-e60c-4a1a-a498-75b1ba484640&sct=1 HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
Request Chain 150
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=2050795f-e60c-4a1a-a498-75b1ba484640 HTTP 307
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D9&cdsp=363190&user_id=2050795f-e60c-4a1a-a498-75b1ba484640&sct=1 HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
Request Chain 154
  • https://px.adhigh.net/p/cm/adpdigital HTTP 302
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
Request Chain 157
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F77B2C46113002372027F5519&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F76B2C4610908F32C0287C49E
Request Chain 158
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F77B2C461180034730272E905&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F76B2C4610908F32C0287C49E
Request Chain 159
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
Request Chain 160
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
Request Chain 161
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=26ffc376-e743-4bc5-5bda-6ab94306a0a6
Request Chain 162
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=d4bcbbe9-a23c-4053-693c-2950c6e89817
Request Chain 213
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnYCY0OO_TBbAg== HTTP 302
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnYCY0OO_TBbAg==&bounce=1
Request Chain 239
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2HEsnYCY0OO_TBbAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/N81uM5UbLqGcRe8aL2uB
Request Chain 240
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=uZQlT2HEsnYCY0OO_TBbAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F76B2C4610908F32C0287C49E
Request Chain 241
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2HEsnYCY0OO_TBbAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/N81uM5UbLqGcRe8aL2uB
Request Chain 244
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsnYCY0OO_TBbAg== HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsnYCY0OO_TBbAg==&tuid=-4298544379 HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/A_dV2WCRLm88jnH7aIi8_bg
Request Chain 299
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=0b396c07-268e-4eb9-bfd9-c524f8529fe4 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=eb84922169184661b2e1d60d73212483
Request Chain 305
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJMwer_qjSqsKwvmYC1Z4D94X_aSSf7voc23H_MzejwbhqOVLZVL6y2k1NtA7nCJcxxxfEj2J4aozaCLvIuky-z417g4cMyRO0-0IPFAS8U25i1fbN3ng1gultnbnGzkhbP4NCIm0OQ9gKvK45MR9c&google_gid=CAESEPr4uJNvlLBRiOG5TH_QZPk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWR3QUFBSEQ1c0NWSg&google_push=AYg5qPJMwer_qjSqsKwvmYC1Z4D94X_aSSf7voc23H_MzejwbhqOVLZVL6y2k1NtA7nCJcxxxfEj2J4aozaCLvIuky-z417g4cMyRO0-0IPFAS8U25i1fbN3ng1gultnbnGzkhbP4NCIm0OQ9gKvK45MR9c
Request Chain 306
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEO0Ihr44sHnuBZqXlrRmEs4&google_cver=1&google_push=AYg5qPIEXMSIe21USl1KiTARAoMqLdZ8dkH-ZcqxCQO2CSTUfaorZkMk8FhKwbhJ-RHrMyC_lQgJjiAitc-MKIA4dbcLWGQ62hLP0zTy3XeFDn90OeLorJ1yqG_vhuI--CUJexK2bQ_3VFBdEoWUw2o8vZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIEXMSIe21USl1KiTARAoMqLdZ8dkH-ZcqxCQO2CSTUfaorZkMk8FhKwbhJ-RHrMyC_lQgJjiAitc-MKIA4dbcLWGQ62hLP0zTy3XeFDn90OeLorJ1yqG_vhuI--CUJexK2bQ_3VFBdEoWUw2o8vZg&google_hm=Q0FFU0VPMElocjQ0c0hudUJacVhsclJtRXM0
Request Chain 307
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLanov0hRfuHX2INMhgIn6Xrnn9ML1n09PKb7RuWVKREvMDZgjxnJLZlxfcUG34-uE7hjJPcIdIsOZDW54PLB2ISzKxRlXuvQWjri3Tgsn9STNXxrnuCNg18ar468pGuNWh4JUPEtzlirKAjRp4tOs&google_gid=CAESEGahFq0JM4SB-GSksb7Ik1I&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPfkko4GEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVlnNXFQTGFub3YwaFJmdUhYMklOTWhnSW42WHJubjlNTDFuMDlQS2I3UnVXVktSRXZNRFpnanhuSkxabHhmY1VHMzQtdUU3aGpKUGNJZElzT1pEVzU0UExCMklTekt4UmxYdXZRV2pyaTNUZ3NuOVNUTlh4cm51Q05nMThhcjQ2OHBHdU5XaDRKVVBFdHpsaXJLQWpScDR0T3M HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcDk3Nmg0dXR3TFIyc3kzYzBGZXpudGZVUC15NWh1X04wcWxERGV2YWJiUQ==&google_push
Request Chain 309
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEG1UEaDwhlGsIse24yHiGew&google_cver=1&google_push=AYg5qPJFuPbfxWqG_EjBG3aZQ6pa91eNbNRgmyD4VBVaO_NssYrPlTsi5kyua3n0F7S-HC_0bwk2o7AXGJf-iYID85ej_kB9yqFhe6ae92RvCegkhxqZdY_xc8Y2LqJXAy8HKCXI16On-6jSXc53dpYk55c HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEG1UEaDwhlGsIse24yHiGew&google_cver=1&google_push=AYg5qPJFuPbfxWqG_EjBG3aZQ6pa91eNbNRgmyD4VBVaO_NssYrPlTsi5kyua3n0F7S-HC_0bwk2o7AXGJf-iYID85ej_kB9yqFhe6ae92RvCegkhxqZdY_xc8Y2LqJXAy8HKCXI16On-6jSXc53dpYk55c&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cvYdbcXgQQeM9FFiNCmeVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJFuPbfxWqG_EjBG3aZQ6pa91eNbNRgmyD4VBVaO_NssYrPlTsi5kyua3n0F7S-HC_0bwk2o7AXGJf-iYID85ej_kB9yqFhe6ae92RvCegkhxqZdY_xc8Y2LqJXAy8HKCXI16On-6jSXc53dpYk55c
Request Chain 311
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJnG7fsF9goncJXVqZru8AI&google_cver=1&google_push=AYg5qPJLeitaNXCBT8RI2Mldzfzv6IvcEJ92S2jzZjPVskSq2h3aqOSRX4aIVWkujmeyJa_ukaTUfOzxMWLgPz32cS3qMKkOS14yWRJn2qKrMf_yQ8tU8Cogq4n0CYkKJndkO8lygg0CDzw75X0yxTgXU4Q HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJLeitaNXCBT8RI2Mldzfzv6IvcEJ92S2jzZjPVskSq2h3aqOSRX4aIVWkujmeyJa_ukaTUfOzxMWLgPz32cS3qMKkOS14yWRJn2qKrMf_yQ8tU8Cogq4&google_hm= HTTP 302
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Request Chain 318
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=2050795f-e60c-4a1a-a498-75b1ba484640 HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
Request Chain 319
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=2050795f-e60c-4a1a-a498-75b1ba484640 HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
Request Chain 326
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F76B2C4610908F32C0287C49E
Request Chain 327
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F76B2C4610908F32C0287C49E
Request Chain 328
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
Request Chain 329
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
Request Chain 330
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9d1ce262-7825-4934-6beb-fc89cdecedda
Request Chain 331
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=b762eb0d-af82-4898-764b-f12d06ff842d
Request Chain 359
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEIPBhq-E10mc-8gcKcfRfTo&google_cver=1&google_push=AYg5qPLkharvxrRbU4q0TIuNgzXpDRBCbv0Vnnks0CP5wzWUAWAGK5ivBb0zl2qCDAKMexE3-iyEJOrYs0o0IXvV5wkB4VoB7rxnwLoZUt__5RyOAHJrUGRXxk3JYm8_HqyMMDXXGOhCxIGQ3FypOrjrxg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLkharvxrRbU4q0TIuNgzXpDRBCbv0Vnnks0CP5wzWUAWAGK5ivBb0zl2qCDAKMexE3-iyEJOrYs0o0IXvV5wkB4VoB7rxnwLoZUt__5RyOAHJrUGRXxk3JYm8_HqyMMDXXGOhCxIGQ3FypOrjrxg&google_hm=Q0FFU0VJUEJocS1FMTBtYy04Z2NLY2ZSZlRv
Request Chain 362
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ2o6gK-ES5qgdwaKnBfA9I&google_cver=1&google_push=AYg5qPIVcSnsKFUg2IHBIqyfeLcuNclyBk1h1tRmvhAl5FWgwpLivVuQSRmzxiSlaKETvryFe100oIBGKtDVWUwX2kaTaniD3LkqtxWo7cONfH4VqEPiHvjSRcJYeXtpQkKrvyAdx3vpBWmiNF656mRpHA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cvYdbcXgQQeM9FFiNCmeVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIVcSnsKFUg2IHBIqyfeLcuNclyBk1h1tRmvhAl5FWgwpLivVuQSRmzxiSlaKETvryFe100oIBGKtDVWUwX2kaTaniD3LkqtxWo7cONfH4VqEPiHvjSRcJYeXtpQkKrvyAdx3vpBWmiNF656mRpHA
Request Chain 363
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEANRk5MyWUran6gSxu7nttw&google_cver=1&google_push=AYg5qPK2tkxftJzD5W0WJkzlJXjOhI7uADhO9GqoiEf0vSBrsJGt1D74bMOpT35ZLyZtjzaA6g9K5xcPE9VkkpKLAMiZLZ0MO2fj1EtBpYOe_oIWGmYk8BZDdnPDxhIIlh6dNWQn7Gp_HazlfurJtTy6h8w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJYOEgtMTAtRjNCQQ==&google_push=AYg5qPK2tkxftJzD5W0WJkzlJXjOhI7uADhO9GqoiEf0vSBrsJGt1D74bMOpT35ZLyZtjzaA6g9K5xcPE9VkkpKLAMiZLZ0MO2fj1EtBpYOe_oIWGmYk8BZDdnPDxhIIlh6dNWQn7Gp_HazlfurJtTy6h8w
Request Chain 365
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHdBt5LPOI8P_UJZWts2dC4&google_cver=1&google_push=AYg5qPLrnEoe-tVGqGVFtyZvwPxHW_qQdtnitjJYfoWacwAk_ru2qYlPHyu7FX7FJibrYjI76GDcv_Ir7IEP1p5H7PZdn7-jAFpJ3EuF-rzUiXtCPlrt9BNTVElRh4a9e84g8TInFUhg-hT_6ZF0iTcMaCA HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLrnEoe-tVGqGVFtyZvwPxHW_qQdtnitjJYfoWacwAk_ru2qYlPHyu7FX7FJibrYjI76GDcv_Ir7IEP1p5H7PZdn7-jAFpJ3EuF-rzUiXtCPlrt9BNTVE&google_hm= HTTP 302
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Request Chain 368
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEFGo_zWihbm6Tio7SIeNlHw&google_cver=1&google_push=AYg5qPIlgM7y7YMUhnVyQzd4tyUEjrwMnFoL90s5azcQSYk2XFdRMwo5_Pey4RMnHdlZmzirIOjnkRtmVRB9X7WuyorDBbVbco_i41sGuAsG38c4Iaag9f2PTtqqg3LqE0wE05nGfYM0zBvlO-6ldHifKg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIlgM7y7YMUhnVyQzd4tyUEjrwMnFoL90s5azcQSYk2XFdRMwo5_Pey4RMnHdlZmzirIOjnkRtmVRB9X7WuyorDBbVbco_i41sGuAsG38c4Iaag9f2PTtqqg3LqE0wE05nGfYM0zBvlO-6ldHifKg&google_hm=Q0FFU0VGR29feldpaGJtNlRpbzdTSWVObEh3
Request Chain 370
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLpzYI4YBgz5o6-R4e3SRMCZk_m-iYsXJ5htzsE3eqK8qkP8R7rOpGnD-tPC1hJzPoo6TB7CVSwLY7BA8d-K1nfdULmO6WxsTHj437Z_NEkPVL7V8o2HyWxiTFerhBUZk07kyE6W5y4jo4lUvg8YMU&google_gid=CAESEEyEc5QDGysEjcGBNpDnTG4&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLpzYI4YBgz5o6-R4e3SRMCZk_m-iYsXJ5htzsE3eqK8qkP8R7rOpGnD-tPC1hJzPoo6TB7CVSwLY7BA8d-K1nfdULmO6WxsTHj437Z_NEkPVL7V8o2HyWxiTFerhBUZk07kyE6W5y4jo4lUvg8YMU&google_gid=CAESEEyEc5QDGysEjcGBNpDnTG4&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzYwMDAxNjA2OTI3ODM4OA%3D%3D&google_push=AYg5qPLpzYI4YBgz5o6-R4e3SRMCZk_m-iYsXJ5htzsE3eqK8qkP8R7rOpGnD-tPC1hJzPoo6TB7CVSwLY7BA8d-K1nfdULmO6WxsTHj437Z_NEkPVL7V8o2HyWxiTFerhBUZk07kyE6W5y4jo4lUvg8YMU
Request Chain 372
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA
Request Chain 390
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 393
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=75101400161994200951393011817010&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75101400161994200951393011817010&actionid=731824&produktid=businessgiro&dt_url=
Request Chain 395
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=207925076857.97546 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPa7iuK5-vQCFUJxGwodYyQIFQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=207925076857.97546
Request Chain 397
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=75101400161994200951393011817010 HTTP 301
  • https://ad-server.eu/wm/pb/native.png
Request Chain 444
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIDzx0oQL0lq7weq_bRgluc&google_cver=1&google_push=AYg5qPJJqGnAcpDqnhyYE1WwdidvYv4s5fog9kah2TjPo9KnM0JXHp55LMEapCA0mKtQ_CrY6UillmWV24V5GRyM_vMkFlz1CA9SECHyZhNrHEBE7lS5PWqaFSe841NooKeeWgYfB2yNwBtrdXJA9ehOdZQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJJqGnAcpDqnhyYE1WwdidvYv4s5fog9kah2TjPo9KnM0JXHp55LMEapCA0mKtQ_CrY6UillmWV24V5GRyM_vMkFlz1CA9SECHyZhNrHEBE7lS5PWqaFSe841NooKeeWgYfB2yNwBtrdXJA9ehOdZQ&google_hm=MkqhmvUEoC7iP-31GCTFyg
Request Chain 445
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEDZXUXXuWg39cse0YWRZXk0&google_cver=1&google_push=AYg5qPIQVmK80m49CwEFGJrC5sk3c2f_7FmxCSTlj06k2fT9Nt42B6JIDNNLFE52GLO85XpytOdkcxomfggen_LBBtSifPw-DlyZ7oVByJFTjNxWsGB5eYH0IOTLbo9OukuFcPacNsSD5p68w1-tkln6-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIQVmK80m49CwEFGJrC5sk3c2f_7FmxCSTlj06k2fT9Nt42B6JIDNNLFE52GLO85XpytOdkcxomfggen_LBBtSifPw-DlyZ7oVByJFTjNxWsGB5eYH0IOTLbo9OukuFcPacNsSD5p68w1-tkln6-Q&google_hm=Q0FFU0VEWlhVWFh1V2czOWNzZTBZV1JaWGsw
Request Chain 447
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECokANMqQVkX48mkglKLsE8&google_cver=1&google_push=AYg5qPL5mp2JqrIqHmCb_jTCUF6SjV3LrnHB4q0rjPrK5ZWCB1SRTt0O3PzB-AcoXnzKUtN8InqzxH8QC4Uv2apWfOnLC9J2llCoeB0MRj64oFeYmCUSWzc-JBzQucfpQhTJR1SDEqJef77d1g9K_znwbGk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cvYdbcXgQQeM9FFiNCmeVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL5mp2JqrIqHmCb_jTCUF6SjV3LrnHB4q0rjPrK5ZWCB1SRTt0O3PzB-AcoXnzKUtN8InqzxH8QC4Uv2apWfOnLC9J2llCoeB0MRj64oFeYmCUSWzc-JBzQucfpQhTJR1SDEqJef77d1g9K_znwbGk
Request Chain 448
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENjLpJ_UoXt3Du_F4_2jWhs&google_cver=1&google_push=AYg5qPLWhfz9WeWfxON1IBRlNHxoUy4Ne0A8g8Do8X0uzMvXFqD0xt_WP4_neDUfMBggZuHwDSk2AHyclBnG77LOpKWEz84uXq_qRkuc7F8Jt_HfuSy4T3yH0VSbjMJ-iXecP6NWPUuU3wD9ji5CFxvNOg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJYVFEtRC1IUTY3&google_push=AYg5qPLWhfz9WeWfxON1IBRlNHxoUy4Ne0A8g8Do8X0uzMvXFqD0xt_WP4_neDUfMBggZuHwDSk2AHyclBnG77LOpKWEz84uXq_qRkuc7F8Jt_HfuSy4T3yH0VSbjMJ-iXecP6NWPUuU3wD9ji5CFxvNOg
Request Chain 449
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_cver=1&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg
Request Chain 450
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEEBP5h-61MwE6nw_w-NDeBQ&google_cver=1&google_push=AYg5qPLmlIvxBwiKfisxopBk7DFG9kyVSDjhxtH8tCJ3F68k8e_DtfVk0yd_nVA-EdYQ7oVD_1OrtCoEEPkZbKakfCkQ-dqUwnnBRGFLvWdBQGcG00n5aN4RW2ioy7XWk3i63Eg2KBvaYdQJelqhWqZlpAE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLmlIvxBwiKfisxopBk7DFG9kyVSDjhxtH8tCJ3F68k8e_DtfVk0yd_nVA-EdYQ7oVD_1OrtCoEEPkZbKakfCkQ-dqUwnnBRGFLvWdBQGcG00n5aN4RW2ioy7XWk3i63Eg2KBvaYdQJelqhWqZlpAE&google_hm=l3_05KldTmCNyomlpBhF2g
Request Chain 475
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122318313760669264943X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2021122318313760669264943X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679 HTTP 302
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313760669264943X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Request Chain 478
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021122318313760669264967X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313760669264967X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Request Chain 485
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122318313760669264945X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2021122318313760669264945X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679 HTTP 302
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313760669264945X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Request Chain 488
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122318313760669264949X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313760669264949X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Request Chain 496
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJ22oeK5-vQCFSvYEQgdcD0Pmg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280697_2e634ac0-6416-11ec-92b1-22382f8dc9cc
Request Chain 502
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Request Chain 503
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJueXdqWXlsUXY5&muidn=lbnywjYylQv9 HTTP 302
  • https://cm.mgid.com/google?muidn=lbnywjYylQv9&google_ula={guid},5&google_gid=CAESEPRwSa0ktQHwJZ1zn25ia7w&google_cver=1
Request Chain 504
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=09377480-01dc-4aa3-b22d-98e4a1bc3421
Request Chain 505
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=OIKxbq2drT3AbbjbieooYB_b&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=e8feb77e-2d20-41f4-af93-fe34fde72e1d&gdpr=&gdpr_consent=&us_privacy=
Request Chain 507
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=b4794f3a-aa96-44fd-8779-db95e1958bc3&ttl=1642872697
Request Chain 508
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=0038314a-ff12-41d1-a240-2e066dd288ad
Request Chain 509
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbnywjYylQv9 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=907533672312298459&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 511
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lbnywjYylQv9 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lbnywjYylQv9 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/e8feb77e-2d20-41f4-af93-fe34fde72e1d?gdpr=&gdpr_consent=
Request Chain 513
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=TYYGTk8kpRtwKIwlBwe6&pi=mgid&tc=1

530 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
newsyou.info/ 		109 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
b15cd9beb3bdcdda04248a93336758e6cc23267c4dacff7f0a3c05d9abc5f7bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.2.1
Date
Thu, 23 Dec 2021 17:26:18 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
28663
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Link
<https://newsyou.info/wp-json/>; rel="https://api.w.org/", <https://newsyou.info/wp-json/wp/v2/posts/582808>; rel="alternate"; type="application/json", <https://newsyou.info/?p=582808>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
mainstyle10.css
newsyou.info/ 		36 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/mainstyle10.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
a0a8aafea7c182cd50d239de71da565129cb1110563f5c87ede4f0bdd740008f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:31 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37351
Expires
Thu, 30 Dec 2021 17:26:19 GMT
magnific-popup.css
newsyou.info/wp-content/themes/newsyou/css/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/css/magnific-popup.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:07 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6951
Expires
Thu, 30 Dec 2021 17:26:19 GMT
jquery-1.11.1.min.js
newsyou.info/wp-content/themes/newsyou/js/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/jquery-1.11.1.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95786
Expires
Thu, 30 Dec 2021 17:26:19 GMT
scripts.js
newsyou.info/wp-content/themes/newsyou/js/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/scripts.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
69e7791a1772852a0d705ef8dd343046b2fcc2c67254dc74b99b417f43f8a527

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:10 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23604
Expires
Thu, 30 Dec 2021 17:26:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e14abf506055d90555ee729a25c42a62a6a83c6435fbe9f22342e14195eaed6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51838
x-xss-protection
0
server
cafe
etag
16410433188353602450
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:33 GMT
script.js
vcmjf535tx.ru/ 		107 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vcmjf535tx.ru/script.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.170 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
93295644da9af673ecf074ce2a3962f685662b6f69c498a77a37e4708b84ce5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
gzip
x-adsbid-request
ucdxjtompvx5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
server
nginx/1.18.0
otv1l7192ivl0pmy03q8h867quv768kypg019a.php
ocmurc.com/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 11:24:02 GMT
server
nginx/1.14.2
etag
"61714dd2-4abc"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
19132
smi.js
jsn.24smi.net/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/smi.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72eb47be0de224add691e0ad18bf8ff3decae4be687d16893ae7bf2be0759fed
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 09:02:21 GMT
server
cloudflare
age
107
etag
W/"6166a09d-15d1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2352ffcbac4a74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:29:46 GMT
gqzgemrxgm5ha3ddf43tkoi
calculator.codes/code/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://calculator.codes/code/gqzgemrxgm5ha3ddf43tkoi
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.22.198.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b0e5467938f7f0522b3d3943015cc3e72a0ec70f5e6bb0e33550f50b5d398f59
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:33 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
style.min.css
newsyou.info/wp-includes/css/dist/block-library/ 		79 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:37 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80574
Expires
Thu, 30 Dec 2021 17:26:19 GMT
wp-automatic.css
newsyou.info/wp-content/plugins/wp-automatic/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/plugins/wp-automatic/css/wp-automatic.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Wed, 24 Nov 2021 08:11:31 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2713
Expires
Thu, 30 Dec 2021 17:26:19 GMT
jquery.min.js
newsyou.info/wp-includes/js/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/js/jquery/jquery.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:29 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89521
Expires
Thu, 30 Dec 2021 17:26:19 GMT
jquery-migrate.min.js
newsyou.info/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:28 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11224
Expires
Thu, 30 Dec 2021 17:26:19 GMT
main-front.js
newsyou.info/wp-content/plugins/wp-automatic/js/ 		1017 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/plugins/wp-automatic/js/main-front.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Wed, 24 Nov 2021 08:11:36 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1017
Expires
Thu, 30 Dec 2021 17:26:19 GMT
logo.png
newsyou.info/wp-content/themes/newsyou/img/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/logo.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
8dc3b246bdd50fb0e58757d0ea57926403274d2ac4a13ed41b6271a2a8c497d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:08 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24862
Expires
Thu, 30 Dec 2021 17:26:19 GMT
2694868.jpg
newsyou.info/wp-content/uploads/2021/12/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/2694868.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
42f1001a0d21e42b0a40b9ff231b0ba95c48b4fd2fa21d3e4f1aba15e202b018

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Wed, 22 Dec 2021 19:36:37 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115802
Expires
Thu, 30 Dec 2021 17:26:19 GMT
view.png
newsyou.info/wp-content/themes/newsyou/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/view.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9b2e4e684cdadbc294776f003aca54c0b210adabebaf526e8a8201b8846c9a45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15253
Expires
Thu, 30 Dec 2021 17:26:19 GMT
JP1qtZVugHn4XCGbHKCu5CvsFEoAMWfovjsOTqvJ.jpeg
newsyou.info/wp-content/uploads/2021/12/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/JP1qtZVugHn4XCGbHKCu5CvsFEoAMWfovjsOTqvJ.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
578b130d8727e233ece4772e7fd7680c22d200c00c76135d141a9ce2327f9126

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Tue, 21 Dec 2021 19:02:52 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50434
Expires
Thu, 30 Dec 2021 17:26:19 GMT
8c5b19b-16poroshenko-1024x610-1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/8c5b19b-16poroshenko-1024x610-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
584cef30c8b0276d0fa2b0a7999ca5eb2de381f83546601106665e47d538f23c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Tue, 21 Dec 2021 19:00:58 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53266
Expires
Thu, 30 Dec 2021 17:26:19 GMT
menum.png
newsyou.info/wp-content/themes/newsyou/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/menum.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c1886d63d3c5161dd67737d6fcc76e041f04ef3e391515b27fa7aa876c6e2e5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3725
Expires
Thu, 30 Dec 2021 17:26:19 GMT
sbtn.png
newsyou.info/wp-content/themes/newsyou/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/sbtn.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
0a4ee12a6285a20bd09b9b9f2c7970f73b5252f6fccf555abdd44528daa9d211

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15582
Expires
Thu, 30 Dec 2021 17:26:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5994697028380609
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da5ddae929f113095ffc207a7df0dc6db73ee540210bc96dad5ef05590d17e4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51802
x-xss-protection
0
server
cafe
etag
15820346222443494367
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:33 GMT
loader.js
news.2xclick.ru/ 		102 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.2xclick.ru/loader.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
3eb4db2e6c27e9a8a54e3a1d233f47265a21634f8021c4f750578e5af7f2c590

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Nov 2021 08:40:17 GMT
Server
nginx/1.10.3
ETag
"61a5e371-4e4d"
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=86400
Connection
keep-alive
Content-Type
application/javascript
Content-Length
20045
Expires
Fri, 24 Dec 2021 17:31:33 GMT
newsyou.info.1122348.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
786fee4f218168667336172b2193b3cb92dbfb87954c308883b7d1f61f859eee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
br
cf-cache-status
HIT
age
3462
last-modified
Thu, 25 Nov 2021 11:26:29 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
T72570RD0NPJGY08
x-amz-id-2
a28riq9jUGJJUVnKtT/pPOakUJ/WNw4ov5gAPz8DHVaSeh451uIM0yF56/HmeLWFnFnvFX0c6mE=
cf-bgj
minify
server
cloudflare
etag
W/"4a5ade7ca18e6cd9b124c7e488981183"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2353000a90c29a-FRA
expires
Thu, 23 Dec 2021 20:31:33 GMT
newsyou.info.1146775.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1146775.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8d71bdcae968558d46992970999923a5644067497dc156f3f888f517a58b9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
br
cf-cache-status
HIT
age
3462
last-modified
Thu, 25 Nov 2021 11:17:38 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
VEGVT66BEMX4F1J1
x-amz-id-2
AI3/DIVSFpgmpWwOYqkeqn33GG85H2ENhud+ExCWyL8YWoRV8GzXXP9xMOUlvUgAywszU3keT14=
cf-bgj
minify
server
cloudflare
etag
W/"954fed81ee1ba109d87b56eb30d13bf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2353000a92c29a-FRA
expires
Thu, 23 Dec 2021 20:31:33 GMT
1640252769_4184.svg
newsyou.info/wp-content/uploads/imga6695d8/23-12-21/ 		327 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/imga6695d8/23-12-21/1640252769_4184.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
b1d8189f87b428e1e35303478ce05cf5100756c6deaf1e8517be0c2d5554c87c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 23 Dec 2021 09:46:09 GMT
Server
nginx/1.2.1
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
327
Expires
Thu, 30 Dec 2021 17:26:19 GMT
%D0%91%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD-%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB-%D0%B1%D1%83%D0%B4%D0%B5%D1%82-%D0%BB%D0%B8-%D0%BE%D0%BD-%D0%B1%D0%B0%D0%BB%D0%BB%D0%BE%D1%82%D0%B8%D1%80...
newsyou.info/wp-content/uploads/2021/12/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%91%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD-%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB-%D0%B1%D1%83%D0%B4%D0%B5%D1%82-%D0%BB%D0%B8-%D0%BE%D0%BD-%D0%B1%D0%B0%D0%BB%D0%BB%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%D1%81%D1%8F-%D0%BE%D0%BF%D1%8F%D1%82%D1%8C.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c71cfdc5d8624558e2cc670a0dfacfca40f7bafd4f1393ed067e4e381ad8e6e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 23 Dec 2021 05:37:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64815
Expires
Thu, 30 Dec 2021 17:26:19 GMT
https___ukr.media_static_ba_aimg_4_3_5_435738_1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/https___ukr.media_static_ba_aimg_4_3_5_435738_1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
fd42eb21f950a6ebd0e3eb2b9194232ddb6e1421fab1503b03a6d16a7476aecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Wed, 22 Dec 2021 08:25:28 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
198298
Expires
Thu, 30 Dec 2021 17:26:19 GMT
shutterstock_568076731-750x400-2.jpg
newsyou.info/wp-content/uploads/2021/12/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/shutterstock_568076731-750x400-2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
86c269f58ff013e4c961ae50583e44adfd794f0d415030a549cf2f92db0295b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Wed, 22 Dec 2021 07:02:56 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26485
Expires
Thu, 30 Dec 2021 17:26:19 GMT
https___ukr.media_static_ba_aimg_4_3_5_435758_1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/https___ukr.media_static_ba_aimg_4_3_5_435758_1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
7bea74a8949fb8732fcd7fa98dc7f441dde603024aa79ddd781521c85dd33b93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Wed, 22 Dec 2021 08:23:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108153
Expires
Thu, 30 Dec 2021 17:26:19 GMT
Muesli_Coffee_Fruit_46766-750x400-2.jpg
newsyou.info/wp-content/uploads/2021/12/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/Muesli_Coffee_Fruit_46766-750x400-2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
0b033515b1023d80f80ee227136cf5509f6e5b66bb39450ddafa1d1bb5b2acab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Wed, 22 Dec 2021 06:59:08 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84867
Expires
Thu, 30 Dec 2021 17:26:19 GMT
2694720-1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/2694720-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
f2748fdac882bab3f3e1215e9946e0bb4a1b8a1af4c9a6b124e86ceda52ec531

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Wed, 22 Dec 2021 19:38:29 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
113443
Expires
Thu, 30 Dec 2021 17:26:19 GMT
%D0%92%D0%BB%D0%B0%D1%81%D1%82%D0%B8-%D0%94%D0%B5%D0%BB%D0%B8-%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%82%D0%B8%D0%BB%D0%B8-%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%BE%D0%B2%D0%B0%D1%82%D1%8C-%D0%A0%D0%BE%...
newsyou.info/wp-content/uploads/2021/12/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%92%D0%BB%D0%B0%D1%81%D1%82%D0%B8-%D0%94%D0%B5%D0%BB%D0%B8-%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%82%D0%B8%D0%BB%D0%B8-%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%BE%D0%B2%D0%B0%D1%82%D1%8C-%D0%A0%D0%BE%D0%B6%D0%B4%D0%B5%D1%81%D1%82%D0%B2%D0%BE-%D0%B8-%D0%9D%D0%BE%D0%B2%D1%8B%D0%B9-%D0%B3%D0%BE%D0%B4.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
96365d0efa97cf43a947425785b2bad3f7eb518f6222143d2674cbf29fe92d3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 23 Dec 2021 02:36:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86952
Expires
Thu, 30 Dec 2021 17:26:19 GMT
%D0%94%D0%B5%D1%84%D0%B8%D1%86%D0%B8%D1%82-Nutella-%D0%9A-%D1%87%D0%B5%D0%BC%D1%83-%D0%B5%D1%89%D0%B5-%D0%BF%D1%80%D0%B8%D0%B2%D0%B5%D0%B4%D0%B5%D1%82-%D0%BE%D0%B1%D0%B2%D0%B0%D0%BB-%D0%BB%D0%B8%D1...
newsyou.info/wp-content/uploads/2021/12/ 		196 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%94%D0%B5%D1%84%D0%B8%D1%86%D0%B8%D1%82-Nutella-%D0%9A-%D1%87%D0%B5%D0%BC%D1%83-%D0%B5%D1%89%D0%B5-%D0%BF%D1%80%D0%B8%D0%B2%D0%B5%D0%B4%D0%B5%D1%82-%D0%BE%D0%B1%D0%B2%D0%B0%D0%BB-%D0%BB%D0%B8%D1%80%D1%8B.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
1e98a3ede349fecfd14a4b6cefad84f9b31076e53f30fb2bbb63adcd54f0f64f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Wed, 22 Dec 2021 23:35:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
200937
Expires
Thu, 30 Dec 2021 17:26:19 GMT
1640255354_6952.jpg
newsyou.info/wp-content/uploads/imga6695d8/23-12-21/ 		289 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/imga6695d8/23-12-21/1640255354_6952.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
ebe43817c43c329b2bcf2d0c367782a3085ca9afe0134f56c778be2dfc5bd4d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 23 Dec 2021 10:29:14 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
296043
Expires
Thu, 30 Dec 2021 17:26:19 GMT
%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%9F%D0%B0%D0%B2%D0%BB%D0%B0-%D0%93%D0%BB%D0%BE%D0%B1%D1%8B-%D0%BD%D0%B0-17-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B1%D1%80%D1%8F-2021-%D0%B2%D1%81%D0%B5-%D0...
newsyou.info/wp-content/uploads/2021/12/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%9F%D0%B0%D0%B2%D0%BB%D0%B0-%D0%93%D0%BB%D0%BE%D0%B1%D1%8B-%D0%BD%D0%B0-17-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B1%D1%80%D1%8F-2021-%D0%B2%D1%81%D0%B5-%D0%B7%D0%BD%D0%B0%D0%BA%D0%B8-%D0%B7%D0%BE%D0%B4%D0%B8%D0%B0%D0%BA%D0%B0.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
ed79ab516c86cb0b3da37d48ebca6f7b1f0b979325cb02db26bf5208cf00dbd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 16 Dec 2021 14:33:06 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48264
Expires
Thu, 30 Dec 2021 17:26:19 GMT
197_olya_polyakova2.jpg
newsyou.info/wp-content/uploads/2021/12/ 		189 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/197_olya_polyakova2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
62c9183ace7ffb179b0dcfe1b88a807e6bc9a649eb6dd0936b7ba94528524929

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Wed, 22 Dec 2021 20:54:15 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
193201
Expires
Thu, 30 Dec 2021 17:26:19 GMT
40c4bb177b051d9f40ffa69414b2d5e9.jpeg
newsyou.info/wp-content/uploads/2021/12/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/40c4bb177b051d9f40ffa69414b2d5e9.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
8b659f72017df1d6cdc07307be915ec445d7640648eda9f055cffa10dafdc722

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Wed, 22 Dec 2021 20:49:10 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72552
Expires
Thu, 30 Dec 2021 17:26:19 GMT
%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9-%D0%B3%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%BD%D0%B0-%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E-%D1%81-13-%D0%BF%D0%BE-19-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B...
newsyou.info/wp-content/uploads/2021/12/ 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9-%D0%B3%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%BD%D0%B0-%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E-%D1%81-13-%D0%BF%D0%BE-19-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B1%D1%80%D1%8F-2021.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
dbe0cf6b50ec23fd38afc516f0b26906780ec018276247a735f51a47a7aa76fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Sat, 11 Dec 2021 02:00:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
187735
Expires
Thu, 30 Dec 2021 17:26:19 GMT
newsyou.info.1024868.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1024868.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad9efa7148c3b033e0430aa47c0d7279c5fb9ae699f34cc794b361bc96171cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
br
cf-cache-status
HIT
age
3041
last-modified
Thu, 02 Dec 2021 15:01:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
VJDH08A10XP55WF1
x-amz-id-2
dHzn/3sEgEOM/mEzVYQYC4D8BZGGCpMWn3Vb0dvbCMYhBGNvhecteUF4ctWNa/kXiw9d/LIYuDY=
cf-bgj
minify
server
cloudflare
etag
W/"49a1b7d557a988c4e4f78eb5f865547e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2353000a97c29a-FRA
expires
Thu, 23 Dec 2021 20:31:33 GMT
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1779786
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2695
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-31fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YD5BkBCebUCTDbV2ZjT33QreM2Ln%2FzKyP7diALaOWgfiN6bCg2nsOKxBM5Ch6JH79UMpExuNnf8AiPNwYLBlmW8kSSnDu3sB%2FFGyWr7jZzINFs5JbmgM71rq8ubOV41ijBOVWWGc6ZVfjFqMyZss%2Bxu7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c2352ffda81374b-MXP
expires
Tue, 13 Dec 2022 17:31:33 GMT
jquery.fancybox.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		157 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1779058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32145
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-2739b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOXv8%2Fh71q8a1584XhU0GNxJ2fVMke1iSysfAzHlGa9KOlDbTAf%2FEqV%2BvFXpg0u8augQqr6hbxZAsNNsxj%2Bt4mkfvUVDbd6M1qH0EvU5cRLRFh2ayWqy7vH5v7UAvNSWeyOLV%2BtZAyg35lC3nEo4FWpp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c2352ffda84374b-MXP
expires
Tue, 13 Dec 2022 17:31:33 GMT
rotator.js
newsyou.info/wp-content/themes/newsyou/js/ 		207 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/rotator.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
03f2a36140bb0fcd71f5997bef76bcfc187184b0efbd7cfc40dc1143563fb865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:10 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
207
Expires
Thu, 30 Dec 2021 17:26:19 GMT
av.js
ppvesdfiojol.com/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/av.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ae07ae363826bb4478d2028eebbf5b01267fa4afa9af5aec85e00ac13c3e8736

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 09:25:30 GMT
server
nginx
etag
W/"618ce18a-b8fc"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=60
content-type
application/javascript
x-variti-ccr
412999200:1
expires
Thu, 23 Dec 2021 17:32:33 GMT
media
a4p.adpartner.pro/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
7e436efe4ae1cd0ebb3e5fef30ea54de8151e1dfabd9cdc0abe1b87e7b216183

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
truncated
/ Frame 8C36 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
sdk.js
connect.facebook.net/ru_RU/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b6d89e3b5fe9105c2adc070949d5b9f61a63700b8227950e4ea732b1c5699519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
76ujLEOM+yzqrjMj0l8b3Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
mb1QizgZStI6UyYQjpaLCzs1H4plBaQzoB/adzdvVELJjovmnYDJ2PXib621HluN/tfmytAWjtpxsSKzasWqbg==
x-fb-trip-id
917726464
x-fb-content-md5
5bbc8fa26995ad49782b4e26ec6e66ae
x-frame-options
DENY
date
Thu, 23 Dec 2021 17:31:33 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3dcaf8b0bf95a7314cc92248bf1559b8"
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:48:38 GMT
b286ae57.js
pxksnymto.ru/pixels/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxksnymto.ru/pixels/b286ae57.js
Requested by
Host: vcmjf535tx.ru
URL: https://vcmjf535tx.ru/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9fd72153ba3e8a36d7e6a93d9bd5acb61f8f1cde905b95955a10761aa7e3636d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
cache-control
no-store
last-modified
Mon, 20 Dec 2021 09:18:45 GMT
server
nginx/1.18.0
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
index.php
telegram.im/widget-button/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 23 Dec 2021 17:31:32 GMT
Server
nginx
Strict-Transport-Security
max-age=0
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2489&ref=&0.013208826601090351
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e0f6416dc40f594e5bf75a059332dcd8cb08eb7d5646d504dc9d091a02b93d67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7460&ref=&0.7689991202448512
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
9cd468de1b3f191ce31ba0140320da8e72be548b026f02c20c23c74b1b54bde9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5876&r=0.3053962632886278
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
f520c872f513643d36ea77f3683d6a814d16ee031c43542aaa1e5c7e058a12a7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
13245.js
jsn.24smi.net/d/6/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/d/6/13245.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887141ac69ccb8ecfaddb08bf1a9c90e7e29b95e6e922517d3e0361c9cec48da
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
487
etag
W/"6152c8b3-c46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2353003c9d4a74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:23:26 GMT
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7880&r=0.9145294879227555
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
cf971a227184a2fdbcca8db8f596b2a9b762d62cf724d90172918256740cf381
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
menu.png
newsyou.info/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/img/menu.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/mainstyle10.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
23c457922f48e6e7385c0f6752ef457269b4e82fe464e643c68c295679ed858a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/mainstyle10.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:19 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:32 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2563
Expires
Thu, 30 Dec 2021 17:26:19 GMT
13267.js
jsn.24smi.net/4/0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/4/0/13267.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c204114b876a9686bc7ed4d2cf1c5afb633128d28d9297076c46133531cbae0d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
520
etag
W/"6152c8b3-b81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2352fffc024a74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:22:53 GMT
13248.js
jsn.24smi.net/e/7/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/e/7/13248.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fc60c1d200f53aee72e8063192aaa53443dcdd7fc6d77038dbbcad76b5989e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
393
etag
W/"6152c8b3-900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2352fffc034a74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:25:00 GMT
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7858&ref=&0.49169634000182505
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
6385d0db2c1e5c55693845dadc929a3ce076c20198add4f6a19ac7efc2ad85b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=6822&r=0.7662008199342989
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
31e8033a51a43be504de530158a1237d9803c11fec26555b4c5ad1505ccf422d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19;0.665050038941615
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19;0.665050038941615
149 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19;0.665050038941615
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
9eec64368167047f9d996ee210b6d3bb01980aabadd30d0c9a65c6ed78bbd35e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:46 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
149
Expires
Tue, 22 Dec 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:46 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19;0.665050038941615
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 22 Dec 2020 21:00:00 GMT
3_3_1.png
i.i.ua/r/
Redirect Chain
  • https://r.i.ua/s?u224079&p264&n0.860804998418679&c1&d24&w1600&h1200&rnewsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
  • https://i.i.ua/r/3_3_1.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.i.ua/r/3_3_1.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Server
91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
sh02.mi6.kiev.ua
Software
nginx /
Resource Hash
0667c9b68ef073ed98e3e67e7826cb617f7f04d6d253193afda8a8729e63ea3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:34 GMT
Last-Modified
Mon, 19 Mar 2007 13:53:49 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1233
Expires
Fri, 23 Dec 2022 17:31:33 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:33 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Location
https://i.i.ua/r/3_3_1.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Expires
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1827
date
Thu, 23 Dec 2021 17:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Dec 2021 19:01:06 GMT
tag.js
mc.yandex.ru/metrika/ 		194 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
br
last-modified
Thu, 23 Dec 2021 16:10:01 GMT
etag
"61c47529-10765"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
67429
expires
Thu, 23 Dec 2021 18:31:33 GMT
/
ppvesdfiojol.com/ 		83 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4ac318b1433cec61648ac7592a818153258dbbff724264b2671b42c545ca848e

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
412999200:2
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
utarget.ru/ranging/00cb2399e4/js/ 		49 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utarget.ru/ranging/00cb2399e4/js/?rand=6937&cookie=0
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
utarget.pro
Software
nginx /
Resource Hash
4c141ae90007078a4882d940070831acc1fa3275a6aa4231dcac3c477b8ff555

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:33 GMT
Server
nginx
P3P
CP="NON DSP COR CURa TIA"
Vary
Accept-Language, Cookie
Content-Language
ru
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/html; charset=utf-8
cfg
data.24smi.net/ 		391 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=14482&ver=27&pio=true&pps=true&callback=__smiCb1640280693770
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
dce6169b13b7d466050667fede8ba075dcdbefc6d9c93d68f2aaa52a96fc82c6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
cache-control
no-store
server
nginx
content-length
391
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
6ed056a9.js
pxksnymto.ru/pixels/ 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxksnymto.ru/pixels/6ed056a9.js
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bff6fe2953477c19b112787a90875cba98f8fc5204e4c455fa3a70f700188269

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
cache-control
no-store
last-modified
Mon, 20 Dec 2021 09:18:45 GMT
server
nginx/1.18.0
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cfg
data.24smi.net/ 		392 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13248&ver=27&pio=true&pps=true&callback=__smiCb1640280693771
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
41217f510ab18798464ae7ea2fd8b6242d185ea80c11f55f013e3e115546e8a8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
cfg
data.24smi.net/ 		392 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13267&ver=27&pio=true&pps=true&callback=__smiCb1640280693772
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
8bdb1dace4c698b2c5709101a6d7a66d27abdede35d4d6b5246db6e670181478
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
sdk.js
connect.facebook.net/ru_RU/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=323e44a776a35b938ef778f7b07c4abb
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dfe0de6e117fe3ddc32d7d5bc796bc279a336a4a70f8236eb9a45f743fad8e6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ouSOhGqWrq1gLIRWEWoFtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83502
x-fb-rlafr
0
x-fb-debug
+w6H3y6SWOasClU026hZjcZFkCXtTMnfLNqDzyc4Eo1d4jyQuy9gdiDON2UVRMS0k708t/ARCb9hfFCzJu0A3g==
x-fb-content-md5
c405d8e17f05f0fab437c33328c1ec1d
x-frame-options
DENY
date
Thu, 23 Dec 2021 17:31:33 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8c7705cd52a9f12346363f47a8f0b964"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Dec 2022 16:56:14 GMT
newsyou.info.1122348.es6.js
jsc.mgid.com/n/e/ 		239 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
br
cf-cache-status
HIT
age
3388
last-modified
Thu, 02 Dec 2021 15:43:24 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
RC20466EQDSMKB74
x-amz-id-2
wjLf5GDA4qP53hmCzSKeiCACTuV3faSjipVI7ZK729oaeXQf2DBL7mbyK8HhIkpzM1cZE/a+lHo=
cf-bgj
minify
server
cloudflare
etag
W/"3549c59b252a1dff4f0ed90218a6b365"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c235300a9176916-FRA
expires
Thu, 23 Dec 2021 20:31:33 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		276 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101734
x-xss-protection
0
server
cafe
etag
4507154694380913909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:33 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame EABB 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 22 Dec 2021 18:37:20 GMT
expires
Wed, 05 Jan 2022 18:37:20 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
82453
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
newsyou.info.1146775.es6.js
jsc.mgid.com/n/e/ 		240 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
640326025d71b72e26143c8c6a675e93fe1f91e30546465dd0a66ec79a9423fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
br
cf-cache-status
HIT
age
3388
last-modified
Thu, 02 Dec 2021 15:50:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
6YY7XMJG5B0FXM6E
x-amz-id-2
FS7rXj34WLuvtkUZ21it+mYswuZvNkX+p9qe+y1DDq2omXJ1ALpy+5nkbP0s/ofO2SWnfXImJ7U=
cf-bgj
minify
server
cloudflare
etag
W/"bc159291689d374b57f73dde254fa617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2353013a436916-FRA
expires
Thu, 23 Dec 2021 20:31:33 GMT
newsyou.info.1024868.es6.js
jsc.mgid.com/n/e/ 		241 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1024868.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3117ef8de99c385baec23e1ff509a1cbdb1efec22548af8218108e58a9669216

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
content-encoding
br
cf-cache-status
HIT
age
3684
last-modified
Thu, 02 Dec 2021 15:01:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
EKNC2B056DVH381Q
x-amz-id-2
YoWbhVXUKecBzFeX+qTy0G0/QGN72sA2N5Hh7rsY2eelGDMKodHQNpiElPqbCwXtXt6ehycXwoE=
cf-bgj
minify
server
cloudflare
etag
W/"04e832b814fb49973f6ea86d571d84a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2353013a446916-FRA
expires
Thu, 23 Dec 2021 20:31:33 GMT
z
s.zmctrack.net/ Frame 1F4B 		52 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
3a2eec023adc8c05274eed54b4443f2a95502bba843fe0685313d992785f7c6e

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23804
expires
Thu, 01 Jan 1970 00:00:01 GMT
cfg
data.24smi.net/ 		392 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13245&ver=27&pio=true&pps=true&callback=__smiCb1640280693773
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
5349d4b7f9104cb6f901a952a12c420891fbef4ce8a02e3b9e72e834316aaa4b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
d60c1733aa08b9c-1635069053.jpg
ppvesdfiojol.com/upload/202110/7b1bc6dcdc3764e8/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202110/7b1bc6dcdc3764e8/d60c1733aa08b9c-1635069053.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed5a11894c21c008675badc52c7d06a2b7c37789074ea71fad33c3f449048d1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
last-modified
Sun, 24 Oct 2021 09:50:53 GMT
server
nginx
etag
"61752c7d-294c"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
10572
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412999200:3
65f0be96ec82bfb-1640125395.jpg
ppvesdfiojol.com/upload/202112/0b43bcd0f0435025/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/0b43bcd0f0435025/65f0be96ec82bfb-1640125395.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
1ed1d1cb8623bf3167e5cbb2b7c30b8d26f243976ee9f6788d34a4e4b2de3d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
last-modified
Tue, 21 Dec 2021 22:23:15 GMT
server
nginx
etag
"61c253d3-462e"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
17966
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412999200:4
0e278e7063abb76-1640126863.jpg
ppvesdfiojol.com/upload/202112/a16f7ae21631798b/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/a16f7ae21631798b/0e278e7063abb76-1640126863.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
c29fb37699996df1d4eb577635c7e9a2b159abf4e95fd99101ddd20f421f5d63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
last-modified
Tue, 21 Dec 2021 22:47:43 GMT
server
nginx
etag
"61c2598f-462a"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
17962
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412999200:5
b5f36d7de5b31f8-1639937121.jpg
ppvesdfiojol.com/upload/202112/6db5449f752873ab/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/6db5449f752873ab/b5f36d7de5b31f8-1639937121.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e75ed43041906d7a1a30057773711c90085183a5f4563f5279cfb0519a3c4ed8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
last-modified
Sun, 19 Dec 2021 18:05:21 GMT
server
nginx
etag
"61bf7461-5162"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
20834
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412999200:6
98ab4c48038f0a7-1640127212.jpg
ppvesdfiojol.com/upload/202112/0e6e377b1b020881/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/0e6e377b1b020881/98ab4c48038f0a7-1640127212.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
2792408224dde6373f1778228a05505a2a36913137c920af418594c08133fd0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
last-modified
Tue, 21 Dec 2021 22:53:32 GMT
server
nginx
etag
"61c25aec-376e"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
14190
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412999200:7
ls
a4p.adpartner.pro/jsunit/ Frame CB30 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&width=610&screen_width=1600&reload_count=0&banner_num=1640280693845818990&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7460&ref=&0.7689991202448512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
f01028ffdc46ce6d362f768340c997c6c784bf95a3da4fc2da0c4a30eb65a799

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:34 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
ls
a4p.adpartner.pro/jsunit/ Frame 63C4 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7882&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&width=300&screen_width=1600&reload_count=0&banner_num=1640280693846869038&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7858&ref=&0.49169634000182505
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e056e4965ecd124218ac2df2eb25777aceabaf2aa0b9a4149be67a83f833db65

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:34 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
ls
a4p.adpartner.pro/jsunit/ Frame F4D2 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&width=610&screen_width=1600&reload_count=0&banner_num=1640280693846882892&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=2489&ref=&0.013208826601090351
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
fd45004fca6b330555adc2a59a55b8f48d17f05570165acafa1175cc9970ca1e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:34 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
media.min.js
a4p.adpartner.pro/apstc/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.397
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
cache-control
no-store no-transform
last-modified
Thu, 16 Dec 2021 14:29:41 GMT
server
nginx
content-encoding
br
etag
W/"61bb4d55-3ac0"
content-type
application/javascript
ls
a4p.adpartner.pro/media/ Frame 0915 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
0f7dd7f1fa44944d0c4bafa399cf20f34f48d391f9e7438b84b068cba16f07d3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:34 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
1282.js
jsn.24smi.net/e/7/13248/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/e/7/13248/1282.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
417fd63c23a7c6e249b54002e965c6d3eda19e06b84a4ae80e226021ed2ac9a6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:30:49 GMT
server
cloudflare
age
37
etag
W/"61c4b249-11b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c235301bf6e375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:57 GMT
783.js
jsn.24smi.net/b/0/14482/ 		54 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/b/0/14482/783.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7dea60fa923ab7d7120f0c2e05888e781939006d0777b63ef9148ebdd623f2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:30:26 GMT
server
cloudflare
age
37
etag
W/"61c4b232-d62c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c235301bf6f375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:57 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=760423118&t=pageview&_s=1&dl=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&ul=en-us&de=UTF-8&dt=%D0%A8%D0%BC%D1%8B%D0%B3%D0%B0%D0%BB%D1%8C%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%D1%80%D0%B0%D0%B7%D1%80%D0%B5%D1%88%D0%B0%D1%82%20%D0%B2%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%B4%D0%BE%D0%B7%D1%8B%20%D0%B2%D0%B0%D0%BA%D1%86%D0%B8%D0%BD%D1%8B%20%D0%BE%D1%82%20COVID-19%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=175367556&gjid=1742161793&cid=590106492.1640280694&tid=UA-80712032-1&_gid=1764326275.1640280694&_r=1&_slc=1&z=928642215
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsyou.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1281.js
jsn.24smi.net/4/0/13267/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/4/0/13267/1281.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30711901769b5fad09214da2177589c15425a1748c77d332334fd15ed7859b9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:30:49 GMT
server
cloudflare
age
37
etag
W/"61c4b249-118a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c235301efb7375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:57 GMT
cookie.js
partner.googleadservices.com/gampad/ 		216 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=newsyou.info&callback=_gfp_s_&client=ca-pub-5994697028380609
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
2d985649d1d2e56127d13a5d1aba67f2fa6e1d18c142b577bb674941e960aad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 70DC 		57 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&adk=1812271804&adf=1573534164&lmt=1640280694&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693852&bpp=4&bdt=635&idt=239&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3655874803963&frm=20&pv=2&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8eee10de3af2de329d7a0577d3de2f592bb0f49c3255ec09a3876278be01d10f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:34 GMT
server
cafe
content-length
14987
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:34 GMT
cache-control
private
1280.js
jsn.24smi.net/d/6/13245/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/d/6/13245/1280.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8bcbffbb8d6c67382224ce3dcc606693d1ffe08545805c167be22f9f0ab12fa
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:30:49 GMT
server
cloudflare
age
37
etag
W/"61c4b249-13f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2353028915375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:57 GMT
zaglushka-top.php
newsyou.info/wp-content/themes/newsyou/ads/ Frame 8372
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280694&psa=0&fo...
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
439 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
83927a60099c70a47fad6b301c4856d8d50dcd99e1183171946c52bf662640c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
nginx/1.2.1
Date
Thu, 23 Dec 2021 17:26:20 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
271
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:34 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pclicks.js
prodmp.ru/ 		0
223 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks.js
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.92.202 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
rav4ever.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/javascript
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
utarget.ru/is_clickunder/ 		16 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://utarget.ru/is_clickunder/
Requested by
Host: utarget.ru
URL: https://utarget.ru/ranging/00cb2399e4/js/?rand=6937&cookie=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
utarget.pro
Software
nginx /
Resource Hash
fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:34 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Vary
Cookie, Accept-Language
Content-Language
ru
render
ocmurc.com/v1/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=1c5ab74a-f432-4daf-86d9-8b0f3f63d728&referrer=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&page_load_uuid=97a0de45-04b1-4a4b-a42e-0d4489e8696e&page_depth=1&dy2l6uq48xq=5eca6fba-9cbb-4f45-9572-32cf84077d45&block_uuid=5eca6fba-9cbb-4f45-9572-32cf84077d45&refresh_depth=1&safari_multiple_request=974
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
541d03f0470bba810e51fa31198f6808a12994b1b83d40a65ab408e95dd8cbf1

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=1c5ab74a-f432-4daf-86d9-8b0f3f63d728&referrer=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&page_load_uuid=97a0de45-04b1-4a4b-a42e-0d4489e8696e&page_depth=1&dy2l6uq48xq=3547ed36-7c1a-4c24-ba38-9664321b8855&block_uuid=3547ed36-7c1a-4c24-ba38-9664321b8855&refresh_depth=1&safari_multiple_request=230
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
35c437852d1e5992974848978d8a089a8b5adfa6ea459b9181d8046164b38028

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=1c5ab74a-f432-4daf-86d9-8b0f3f63d728&referrer=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&page_load_uuid=97a0de45-04b1-4a4b-a42e-0d4489e8696e&page_depth=1&dy2l6uq48xq=1005d6d5-8587-4044-84b7-f49ce1b590da&block_uuid=1005d6d5-8587-4044-84b7-f49ce1b590da&refresh_depth=1&safari_multiple_request=959
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
6425d583bdb475a9100b37e8eb8e1d4b7a99d7cd65d451a049ee0c10653b6b68

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=1c5ab74a-f432-4daf-86d9-8b0f3f63d728&referrer=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&page_load_uuid=97a0de45-04b1-4a4b-a42e-0d4489e8696e&page_depth=1&dy2l6uq48xq=c0a8ed84-a54b-489b-89d5-0615217d2847&block_uuid=c0a8ed84-a54b-489b-89d5-0615217d2847&refresh_depth=1&safari_multiple_request=322
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8dde8e6be39defec247a6d4a75622476361bbedceff6348e5404634b97b03f6c

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=1c5ab74a-f432-4daf-86d9-8b0f3f63d728&referrer=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&page_load_uuid=97a0de45-04b1-4a4b-a42e-0d4489e8696e&page_depth=1&dy2l6uq48xq=3c625efe-9cd7-4984-b8ff-0ac328698b2c&block_uuid=3c625efe-9cd7-4984-b8ff-0ac328698b2c&refresh_depth=1&safari_multiple_request=996
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f11ae13dba691feaa1cf9096020147ce35fced170384228aef29015882254e44

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9496.mY4pIUR4Lau-kCeV1wqlUn1Yn03QLQIGUM9gKqUgeShyUVrZJU1tpla17bTwJ0yZ.BuWRfOV53KP2TL2nadoqqo5ifiw%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9496.BaFwk9JnTfvtSX_ObjWcqFq_NxpfJQ4lFoe8v6QLrya-piB9bVNA94E-SE3Qcr-myGPfO0_qDbg1ewfIarFvow%2C%2C.6lZ-SPyqk8I0R3bPQk7O1vRD21o%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9496.BaFwk9JnTfvtSX_ObjWcqFq_NxpfJQ4lFoe8v6QLrya-piB9bVNA94E-SE3Qcr-myGPfO0_qDbg1ewfIarFvow%2C%2C.6lZ-SPyqk8I0R3bPQk7O1vRD21o%2C
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9496.BaFwk9JnTfvtSX_ObjWcqFq_NxpfJQ4lFoe8v6QLrya-piB9bVNA94E-SE3Qcr-myGPfO0_qDbg1ewfIarFvow%2C%2C.6lZ-SPyqk8I0R3bPQk7O1vRD21o%2C
date
Thu, 23 Dec 2021 17:31:34 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
npm-monitoring
openfpcdn.io/fingerprintjs/v3.3.1/ 		0
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3.3.1/npm-monitoring
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-58.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:59:30 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Wed, 08 Dec 2021 08:59:30 GMT
server
CloudFront
age
1326724
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=590808, s-maxage=30310003
x-amz-cf-pop
FRA50-C1
content-length
0
x-amz-cf-id
jSuPlOgiNHcAS0-2LKQhC7s4bUDfCA67p3XunHyv66cWrEhYpo4zhg==
/
loadercdn.net/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=f2238ad9913f9cde&d=newsyou.info
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:34 GMT
server
openresty
zaglushka-center.php
newsyou.info/wp-content/themes/newsyou/ads/ Frame EFA9
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280694&rafmt=11...
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
199219a286886204cb63366914c6e1e1a29cae3626805565499868d088ace98c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
nginx/1.2.1
Date
Thu, 23 Dec 2021 17:26:20 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1157
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:34 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ 		6 KB
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:24:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:34 GMT
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1940b7ca414417d344c0a3f22e2cb27873b399224c321d4bb3c38862e543a1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:05:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:34 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84d565061e82749bb38cc4a7c70297d3bf134a3074aff197428cb143ba75cacd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Thu, 23 Dec 2021 16:10:01 GMT
etag
"61c47529-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 23 Dec 2021 18:31:34 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5DFE 		82 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca7c482e345c1343ac3fe3af5451649296a8462b4fe9435e9bd61d44eb6a4593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:34 GMT
server
cafe
content-length
22635
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:34 GMT
cache-control
private
widget-button.css.php
telegram.im/widget-button/ 		2 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/widget-button.css.php
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:33 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0
fonts.css
telegram.im/widget-button/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/fonts.css
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 09:05:17 GMT
Server
nginx
ETag
W/"58b29a4d-f47"
Strict-Transport-Security
max-age=0
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 30 Dec 2021 17:31:33 GMT
style.css
telegram.im/widget-button/ico/ 		1 KB
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/ico/style.css
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 09:02:08 GMT
Server
nginx
ETag
W/"58b29990-42b"
Strict-Transport-Security
max-age=0
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 30 Dec 2021 17:31:33 GMT
WidgetTelegramButton.min.js
telegram.im/widget-button/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/WidgetTelegramButton.min.js
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 21:40:46 GMT
Server
nginx
ETag
W/"58b34b5e-c56c"
Strict-Transport-Security
max-age=0
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 30 Dec 2021 17:31:33 GMT
analytics.js
www.google-analytics.com/ Frame CB30 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&width=610&screen_width=1600&reload_count=0&banner_num=1640280693845818990&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1828
date
Thu, 23 Dec 2021 17:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Dec 2021 19:01:06 GMT
jsunit
a4p.adpartner.pro/ Frame CB30 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1640280693845818990&id=7460&is_in_viewport=0&ref=&reload_count=0&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&session_pageview=1&shown=&site_visited=1&unit_id=7460
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&width=610&screen_width=1600&reload_count=0&banner_num=1640280693845818990&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
61b194599cc1cd5be6ab8d8279e48c958f9b93a6836a0557d0730153d145aad4

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&width=610&screen_width=1600&reload_count=0&banner_num=1640280693845818990&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 23 Dec 2021 17:31:34 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ Frame 63C4 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1640280693846869038&id=7858&is_in_viewport=0&ref=&reload_count=0&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&session_pageview=1&shown=&site_visited=1&unit_id=7882
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7882&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&width=300&screen_width=1600&reload_count=0&banner_num=1640280693846869038&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
cfae65b85a72acd4fd82671bd789f5084acf61084009b01002f55e9bc08c3344

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7882&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&width=300&screen_width=1600&reload_count=0&banner_num=1640280693846869038&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 23 Dec 2021 17:31:34 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ Frame F4D2 		29 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1640280693846882892&id=2489&is_in_viewport=0&ref=&reload_count=0&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&session_pageview=1&shown=&site_visited=1&unit_id=2489
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&width=610&screen_width=1600&reload_count=0&banner_num=1640280693846882892&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
b6fe913a3f5837982290959f1648ba92dcb42338fba9332767e313e11ad45a85

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&width=610&screen_width=1600&reload_count=0&banner_num=1640280693846882892&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 23 Dec 2021 17:31:34 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
media
a4p.adpartner.pro/ Frame 0915 		1 KB
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=5555&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e96939b42d401676a7ebee230fd34d42f59d5af39aaeeebb257568eacd2b8711

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=2050795f-e60c-4a1a-a498-75b1ba484640&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
zaglushka-center.php
newsyou.info/wp-content/themes/newsyou/ads/ Frame DE7B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280694&rafmt=11...
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
199219a286886204cb63366914c6e1e1a29cae3626805565499868d088ace98c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
nginx/1.2.1
Date
Thu, 23 Dec 2021 17:26:20 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1157
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:34 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
npm-monitoring
openfpcdn.io/fingerprintjs/v3.3.1/ 		0
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3.3.1/npm-monitoring
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-58.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:59:30 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Wed, 08 Dec 2021 08:59:30 GMT
server
CloudFront
age
1326724
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=590808, s-maxage=30310003
x-amz-cf-pop
FRA50-C1
content-length
0
x-amz-cf-id
zq1yNzO_CDBa0qm8Lf2sTHCCa2qTnltgG5Ot3HQPjsOV8pRoZsc7Rg==
/
m.mixadvert.com/show/load/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=5876&id_name=fcDop&teaser_name=hklSpoi&block_name=nibidS&ban_teaser=&r=0.702808751606895&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5876&r=0.3053962632886278
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
29cfafc91ce129ba6f93b1ad97f427892ace1e1e5226141bbab61d89fa85b590
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 11:14:45 GMT
x-content-type-options
nosniff
age
195409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 11:14:45 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9265 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92a4ace178b9880e54fe71790e6b7befa4de00f42185bee30a00d6754bc36b42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:34 GMT
server
cafe
content-length
12021
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:34 GMT
cache-control
private
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=13977&f=2&ref=https%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&gw=610&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
3ddfc996b5b196ee104c980e24d4a4183b3224352b1f9d5ead255019e1205d8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
css2
fonts.googleapis.com/ 		6 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:21:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:34 GMT
css2
fonts.googleapis.com/ 		5 KB
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1940b7ca414417d344c0a3f22e2cb27873b399224c321d4bb3c38862e543a1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:05:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:34 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7724 		27 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c35193949a32f80d5ab143da9bcc64c48718548faa26de483421a9d3edccf41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:35 GMT
server
cafe
content-length
12542
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
private
informer
data.24smi.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280694&ptz=0&pl=en-US&object=14482&template_id=783&num=3&ref=&output=json&chash=VztuINms3n&extids=&callback=__smiCb1640280693774
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
949f05030fd340fb981e2c4acdcdc097aa193ce2ee496e6086d8832d55cd16dc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
d0b61c3202891e61.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/d0b61c3202891e61.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
ebf831c917cc19797fad0a9243ad955a1f6e57183ad27c2ac123cecb29782bd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 22 Dec 2021 12:55:04 GMT
server
nginx/1.14.2
etag
"61c32028-7445"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
29765
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 20:07:55 GMT
x-content-type-options
nosniff
age
163419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 20:07:55 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 20:14:30 GMT
x-content-type-options
nosniff
age
76624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 20:14:30 GMT
css
fonts.googleapis.com/ 		12 KB
827 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:19:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 20:07:55 GMT
x-content-type-options
nosniff
age
163419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 20:07:55 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 20:14:30 GMT
x-content-type-options
nosniff
age
76624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 20:14:30 GMT
d0361c31fee1b24a.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/d0361c31fee1b24a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
6804acce8caf4034e76ca17282755c64641e3d54ae4c7f6218d059d076cb9e22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 22 Dec 2021 12:54:06 GMT
server
nginx/1.14.2
etag
"61c31fee-a2b1"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
41649
d0361c44d57b5e73.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/c36d16a932074f478b94dfa1b7357b64/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/c36d16a932074f478b94dfa1b7357b64/d0361c44d57b5e73.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
298d707012ffc9b53afd4f2373df0efe7daed45d1cf1ac1648e9455a3b3675f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Thu, 23 Dec 2021 10:20:07 GMT
server
nginx/1.14.2
etag
"61c44d57-4bb7"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
19383
ads
googleads.g.doubleclick.net/pagead/ Frame 33AA 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcef382a4547d738320c7996e39f670fbc8ac42cb5e877499ba92dfd4bf5bdcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:35 GMT
server
cafe
content-length
12606
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
private
z
s.zmctrack.net/ Frame F980 		102 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
d9e1de019570ba0759135ee12ae95a92ed6f998375519af0cdb5753de3942393

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
1
mc.yandex.com/watch/44453875/
Redirect Chain
  • https://mc.yandex.com/watch/44453875?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&charset=utf-8&browser-info...
  • https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&charset=utf-8&browser-in...
350 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1552%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1627649892689%3Ahid%3A788831796%3Az%3A0%3Ai%3A20211223173134%3Aet%3A1640280694%3Ac%3A1%3Arn%3A872272967%3Arqn%3A1%3Au%3A1640280694190662448%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280692205%3Ads%3A0%2C162%2C697%2C2%2C1%2C0%2C%2C573%2C7%2C%2C%2C%2C1585%3Adsn%3A0%2C162%2C697%2C2%2C0%2C0%2C%2C573%2C8%2C%2C%2C%2C1584%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280695%3At%3A%D0%A8%D0%BC%D1%8B%D0%B3%D0%B0%D0%BB%D1%8C%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%D1%80%D0%B0%D0%B7%D1%80%D0%B5%D1%88%D0%B0%D1%82%20%D0%B2%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%B4%D0%BE%D0%B7%D1%8B%20%D0%B2%D0%B0%D0%BA%D1%86%D0%B8%D0%BD%D1%8B%20%D0%BE%D1%82%20COVID-19%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
9b2482b49eeec2285421eb05c8976eb56ca2daf30bf6295182eccb429a26bb2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 23-Dec-2021 17:31:34 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Thu, 23-Dec-2021 17:31:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Thu, 23-Dec-2021 17:31:34 GMT
location
/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1552%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1627649892689%3Ahid%3A788831796%3Az%3A0%3Ai%3A20211223173134%3Aet%3A1640280694%3Ac%3A1%3Arn%3A872272967%3Arqn%3A1%3Au%3A1640280694190662448%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280692205%3Ads%3A0%2C162%2C697%2C2%2C1%2C0%2C%2C573%2C7%2C%2C%2C%2C1585%3Adsn%3A0%2C162%2C697%2C2%2C0%2C0%2C%2C573%2C8%2C%2C%2C%2C1584%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280695%3At%3A%D0%A8%D0%BC%D1%8B%D0%B3%D0%B0%D0%BB%D1%8C%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%D1%80%D0%B0%D0%B7%D1%80%D0%B5%D1%88%D0%B0%D1%82%20%D0%B2%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%B4%D0%BE%D0%B7%D1%8B%20%D0%B2%D0%B0%D0%BA%D1%86%D0%B8%D0%BD%D1%8B%20%D0%BE%D1%82%20COVID-19%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://newsyou.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 23-Dec-2021 17:31:34 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1F54 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b5151f751716f242c467581a71083a097f87a2a7d2152987055651f13528729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:35 GMT
server
cafe
content-length
11713
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
private
logo_left.gif
file.adpartner.pro/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/logo_left.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Thu, 24 Jan 2019 09:25:42 GMT
server
nginx
etag
"5c498496-a79"
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
2681
telegramimfont.ttf
telegram.im/widget-button/ico/fonts/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/ico/fonts/telegramimfont.ttf?7b24fo
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/ico/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e

Request headers

Referer
https://telegram.im/widget-button/ico/style.css
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:33 GMT
Last-Modified
Sun, 26 Feb 2017 09:02:02 GMT
Server
nginx
ETag
"58b2998a-59c"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1436
1px-matching-adpartner.gif
t.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=2050795f-e60c-4a1a-a498-75b1ba484640
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:34 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=2050795f-e60c-4a1a-a498-75b1ba484640
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D10&cdsp=363190&user_id=2050795f-e60c-4a1a-a498-75b1ba484640&sct=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=10
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=10
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c23530698706916-FRA
content-type
image/gif
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=2050795f-e60c-4a1a-a498-75b1ba484640
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D9&cdsp=363190&user_id=2050795f-e60c-4a1a-a498-75b1ba484640&sct=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=9
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=9
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c23530698886916-FRA
content-type
image/gif
2050795f-e60c-4a1a-a498-75b1ba484640
s.uuidksinc.net/match/272/ 		74 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/272/2050795f-e60c-4a1a-a498-75b1ba484640
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
2050795f-e60c-4a1a-a498-75b1ba484640
recreativ.ru/mtch/31/ 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recreativ.ru/mtch/31/2050795f-e60c-4a1a-a498-75b1ba484640
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

hn
b19
date
Thu, 23 Dec 2021 17:31:34 GMT
server
nginx
content-type
image/gif
pix
dsp-trk.eskimi.com/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=2050795f-e60c-4a1a-a498-75b1ba484640
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
via
1.1 google
alt-svc
clear
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/
Redirect Chain
  • https://px.adhigh.net/p/cm/adpdigital
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
49 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/adpdigital?bounced=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
193.232.150.148 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp15.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
x-backend-id
f15-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f15-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/adpdigital?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=177&vid=2050795f-e60c-4a1a-a498-75b1ba484640
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
127
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=adpartner&id=2050795f-e60c-4a1a-a498-75b1ba484640
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:07 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007F77B2C46113002372027F5519&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F76B2C4610908F32C0287C49E
43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F76B2C4610908F32C0287C49E
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F76B2C4610908F32C0287C49E
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007F77B2C461180034730272E905&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F76B2C4610908F32C0287C49E
43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F76B2C4610908F32C0287C49E
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F76B2C4610908F32C0287C49E
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=26ffc376-e743-4bc5-5bda-6ab94306a0a6
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=26ffc376-e743-4bc5-5bda-6ab94306a0a6
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Thu, 23 Dec 2021 17:31:34 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=26ffc376-e743-4bc5-5bda-6ab94306a0a6
date
Thu, 23 Dec 2021 17:31:34 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=d4bcbbe9-a23c-4053-693c-2950c6e89817
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=d4bcbbe9-a23c-4053-693c-2950c6e89817
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Thu, 23 Dec 2021 17:31:34 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=d4bcbbe9-a23c-4053-693c-2950c6e89817
date
Thu, 23 Dec 2021 17:31:34 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
css
fonts.googleapis.com/ 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:13:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:34 GMT
d0b6115360bf1f86.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/dc7ecd7351ae49748f1e78fa144f3195/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/dc7ecd7351ae49748f1e78fa144f3195/d0b6115360bf1f86.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
6eb1d97374d7d109c419a5b5d30eb49e6e57095ceea9e60945301a0d359b32cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Thu, 12 Aug 2021 14:54:03 GMT
server
nginx/1.14.2
etag
"6115360b-4030"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
16432
d0b61b090eba3593.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/75d0dbb9fb5845d9830cc073c4e37616/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/75d0dbb9fb5845d9830cc073c4e37616/d0b61b090eba3593.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5cd40fe604b58b6d0f2fd44e5fcc9423a943051aedfc3d44aeac6612dd7e2050

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 08 Dec 2021 11:03:07 GMT
server
nginx/1.14.2
etag
"61b090eb-4f0d"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20237
d0b61c32063a6c1b.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/d0b61c32063a6c1b.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8773f887e6d0472f166df5c8d38f43a81ac55d5174ebdd9f5d9fb6e53961fa8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 22 Dec 2021 12:56:03 GMT
server
nginx/1.14.2
etag
"61c32063-8720"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
34592
d0b61b8fbc068836.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/d0b61b8fbc068836.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
28c3b24f87d5f92b9674f8f01f11fb31a3e68538ea483ac9812986bb8b8d9294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Tue, 14 Dec 2021 20:17:04 GMT
server
nginx/1.14.2
etag
"61b8fbc0-5ece"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
24270
d0b61c45027f3f0c.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/26097f1d9161463f99d3d3ec66eada45/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/26097f1d9161463f99d3d3ec66eada45/d0b61c45027f3f0c.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
27643e651751bd6c2cbe1350d6336dd8cc807049b14bdecd4620d7e1afd010ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Thu, 23 Dec 2021 10:32:07 GMT
server
nginx/1.14.2
etag
"61c45027-8af7"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
35575
d0b611535d09ed40.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/ad636d96e673415e90d489e332995bf1/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/ad636d96e673415e90d489e332995bf1/d0b611535d09ed40.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
25518d2c841e59dec58e64b57333fbd2640ace7042fe584dc19649690e14272f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Thu, 12 Aug 2021 14:53:04 GMT
server
nginx/1.14.2
etag
"611535d0-4a58"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
19032
d0b61b090e7753d9.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/d30aecdcb0ef4d4f962ae020b2a50c4b/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/d30aecdcb0ef4d4f962ae020b2a50c4b/d0b61b090e7753d9.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f054bf0870f8a7262d7c6a7c35cb1ceb67823f501c4bf19b8389849fe3cf9838

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 08 Dec 2021 11:03:03 GMT
server
nginx/1.14.2
etag
"61b090e7-5f94"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
24468
d0b6182b6785e11d.jpeg
ocmurc.com/.cdn/05a5cf/6512bd/2fa32ae2c78a49de93dbab7a8a3f5f89/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/6512bd/2fa32ae2c78a49de93dbab7a8a3f5f89/d0b6182b6785e11d.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
cd919786e58a29bed6ae038fd3e7f514232525798fc80a3d1127a5d6c5c103f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 03 Nov 2021 16:19:04 GMT
server
nginx/1.14.2
etag
"6182b678-5021"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20513
d0b6194a92d3a0ff.jpeg
ocmurc.com/.cdn/05a5cf/6512bd/ceb3ec894cca4652b4d301451afb1856/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/6512bd/ceb3ec894cca4652b4d301451afb1856/d0b6194a92d3a0ff.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d98786d0d1f2ea3270d27f459db6be4a334c26b364e79f8f0d106c274aac2200

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 17 Nov 2021 07:03:09 GMT
server
nginx/1.14.2
etag
"6194a92d-3c83"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
15491
d0b61b059e056f97.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/320c0552d1cb4ff0a14f70fdacd5b628/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/320c0552d1cb4ff0a14f70fdacd5b628/d0b61b059e056f97.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
50787a7684b4c3b017af0d1f754e97969bdd6cf20bf2d59e81d614dccc916c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 08 Dec 2021 07:08:16 GMT
server
nginx/1.14.2
etag
"61b059e0-3a00"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
14848
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fb03c5889929639808be7ec57fdcac0a13e2bc5de31ac48723aeca4c2ff246e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54385
x-xss-protection
0
server
cafe
etag
4993246191385855005
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:34 GMT
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame 44A9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246885_74e93c3d2a.jpg
zn3.2xclick.ru/img/400x400/885/ Frame 44A9 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/885/1246885_74e93c3d2a.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
d413187e7fd42a10ac03e4b166868be0fc8d0f38ed81e354de3f5176a29ef990

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Thu, 23 Dec 2021 16:43:07 GMT
Server
nginx
ETag
"61c4a71b-7032"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
28722
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246658_0b9d7dee25.jpg
zn3.2xclick.ru/img/400x400/658/ Frame 44A9 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/658/1246658_0b9d7dee25.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
ccd0d28962618c48f75fc894dde961d87f9bf9c1a45ed23e0ffc27eabcad7bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Thu, 23 Dec 2021 12:06:42 GMT
Server
nginx
ETag
"61c46652-aafb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
43771
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246215_a759d52860.jpg
zn3.2xclick.ru/img/400x400/215/ Frame 44A9 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/215/1246215_a759d52860.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
3504a8a26e685ad04cd1fe2574629e035f290b23777f893eae5967a4367361ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Wed, 22 Dec 2021 19:54:14 GMT
Server
nginx
ETag
"61c38266-6301"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
25345
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&tizer_id=13977&r=0.6631117700191163
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
server
nginx
content-type
image/gif; charset=windows-1251
if
a4p.adpartner.pro/tracker/ Frame 71FC 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2038647%2C%22cost%22%3A0.000157179%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b3c9b218-591b-4381-b28f-6d812a16aeda%22%7D%2C%7B%22ad_id%22%3A2297870%2C%22cost%22%3A0.000109135%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%222da18b2c-0bf1-471b-993b-c23925a974e6%22%7D%2C%7B%22ad_id%22%3A2287865%2C%22cost%22%3A0.0000614353%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%223b40b3ca-e8d7-48d7-83c9-60b69d4b35a9%22%7D%5D%2C%22unit_id%22%3A7460%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:34 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 8F82 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2210828342-1aa9-4bc1-9264-c39322ab0588%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2260a3f0c6-3652-462d-8881-00f102e9fb7e%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2210945c96-76d8-423f-949f-1226611463e5%22%7D%2C%7B%22ad_id%22%3A1714798%2C%22cost%22%3A0.000399628%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229de5e9d3-06ca-4594-b1d2-4ce40a3aa533%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:34 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
d0361b896fa68b76.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/03388beaebee41d99dd9101ed5f4931e/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/03388beaebee41d99dd9101ed5f4931e/d0361b896fa68b76.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
2a8ce07b19c6bc8278de07de3f720d8e796698d19c30d8e10ed19084354639c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Tue, 14 Dec 2021 13:07:06 GMT
server
nginx/1.14.2
etag
"61b896fa-37d3"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
14291
d0361c451c7c126a.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/a175fc7379634446b2371aef5f13243a/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/a175fc7379634446b2371aef5f13243a/d0361c451c7c126a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
adc8fc28b66827d96a76ac5be9c44ccea9d61249418820bedd9092c16775ac3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Thu, 23 Dec 2021 10:39:03 GMT
server
nginx/1.14.2
etag
"61c451c7-478e"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
18318
close.gif
newsyou.info/img/ 		83 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/img/close.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/mainstyle10.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
4753f90bdfdad30a348172526d878688da5f17f2798d68349c1e361114ce8378

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/mainstyle10.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:20 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:32 GMT
Server
nginx/1.2.1
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83
Expires
Thu, 30 Dec 2021 17:26:20 GMT
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=212162&f=2&ref=https%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&gw=610&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
1f55ab848addef247470244b0789d526b9f97a8a8077acbb4c4c969f01d024c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
informer
data.24smi.net/ 		646 B
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280694&ptz=0&pl=en-US&object=13248&template_id=1282&num=1&ref=&output=json&chash=VztuINms3n&extids=&callback=__smiCb1640280693775
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
2a07ea8397d43520ddd513cea7b5b94fe4dfcbe70f6952f891f48750d9f55ac9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
content-length
646
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 11:06:27 GMT
x-content-type-options
nosniff
age
109507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 11:06:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 05:33:18 GMT
x-content-type-options
nosniff
age
129496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 05:33:18 GMT
if
a4p.adpartner.pro/tracker/ Frame 4DBA 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25222050795f-e60c-4a1a-a498-75b1ba484640%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5555%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fnewsyou.info%252FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19%2522%257D
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:34 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
d0b611d0a3a2edd5.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/ef34f7f1d29449029f4cded922edb743/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/ef34f7f1d29449029f4cded922edb743/d0b611d0a3a2edd5.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d5dc3810d345b69ede6455734f4efcd13ed56b902668192e7d2004c171591a8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 18 Aug 2021 13:25:14 GMT
server
nginx/1.14.2
etag
"611d0a3a-43c1"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
17345
d0b61add90bc4bec.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/b4bbd717686441f8bd0711295baf6767/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/b4bbd717686441f8bd0711295baf6767/d0b61add90bc4bec.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
7aa01b65ddab63af081b179c28164c663a40e042b2ba1fed2644ee6f9d2a211d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Mon, 06 Dec 2021 09:34:03 GMT
server
nginx/1.14.2
etag
"61add90b-5656"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
22102
d0b61af169fdc6a8.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/c8fa0c5c8e4f49b3b238d7b9b5989cce/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/c8fa0c5c8e4f49b3b238d7b9b5989cce/d0b61af169fdc6a8.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d451478e68967318296d36228990231513bc7f5e5de8c11d825f8061a4e5e6cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Tue, 07 Dec 2021 08:09:03 GMT
server
nginx/1.14.2
etag
"61af169f-5679"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
22137
d0b61c2e2c03295c.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/e5ba1cdf921645dfaf1baaa1699a4a34/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/e5ba1cdf921645dfaf1baaa1699a4a34/d0b61c2e2c03295c.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
6fd74ae9cdfbab7675d4661239ae5bc58958af25b1127247ffb5b9a979c4de9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 22 Dec 2021 08:33:04 GMT
server
nginx/1.14.2
etag
"61c2e2c0-3a70"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
14960
d0b61b085e3ce442.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/884fa888eac744b596737050d32fc061/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/884fa888eac744b596737050d32fc061/d0b61b085e3ce442.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
986036fffea7b52937718badd063cc28a6da29792e6df5c0176b302008928381

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 08 Dec 2021 10:16:03 GMT
server
nginx/1.14.2
etag
"61b085e3-62a8"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
25256
d0b61b096109f84d.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/a3f02c1fb1604939859cf07ddca7a555/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/a3f02c1fb1604939859cf07ddca7a555/d0b61b096109f84d.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
28d4bd1f035e957aaa00531c44df5cf7b802ae9235261ed370510fdd1743a52b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 08 Dec 2021 11:25:04 GMT
server
nginx/1.14.2
etag
"61b09610-4431"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
17457
d0b611d0a35a6fac.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/4f250b41093144cdb2190c2a78e9a259/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/4f250b41093144cdb2190c2a78e9a259/d0b611d0a35a6fac.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
138bec58cfd65720c14272d5aed343b949207725edd5f676bdcd9bb092c963f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 18 Aug 2021 13:25:09 GMT
server
nginx/1.14.2
etag
"611d0a35-2f35"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
12085
d0b6115364870ce2.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/49e51e77a95f44439191d8ff8e999515/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/49e51e77a95f44439191d8ff8e999515/d0b6115364870ce2.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f3039063bdeeddc487f9a6e8f625e1a10c8a37ec37e2707a3a3835aba0fc8686

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Thu, 12 Aug 2021 14:55:04 GMT
server
nginx/1.14.2
etag
"61153648-4b6a"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
19306
d0b61c2e15974d9f.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/d1af29db767146fe8971421ef96d3ed2/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/d1af29db767146fe8971421ef96d3ed2/d0b61c2e15974d9f.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
59503ee4a006b3075f5817e3740635657a43294b6ce47fc281c267b2c9dbf817

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 22 Dec 2021 08:27:05 GMT
server
nginx/1.14.2
etag
"61c2e159-65c2"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
26050
d0b61c2d473b353f.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/a27d54fff753481e9f5009c745089aed/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/a27d54fff753481e9f5009c745089aed/d0b61c2d473b353f.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
2b678f0f6e81d299144c8c356bfc6a9d78709cd344aa1996b82a6a27b62925c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Wed, 22 Dec 2021 07:32:03 GMT
server
nginx/1.14.2
etag
"61c2d473-755f"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
30047
view.php
ppvesdfiojol.com/ 		2 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/view.php
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
412999200:8
expires
Thu, 19 Nov 1981 08:52:00 GMT
38170-438579-KGr.jpg
i.mixadvert.com/8174/38170/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438579-KGr.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
321456ef8ddd049980ddcee8a96bc9892d8d17e8e0eee70221b1f756f09f000b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Last-Modified
Tue, 30 Nov 2021 11:30:40 GMT
Server
nginx/1.12.1
ETag
"61a60b60-4b0f"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19215
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438575-5yf.jpg
i.mixadvert.com/8174/38170/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438575-5yf.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
5b185dd40d4ba895e3f8afae356188fdc6d199d58c0b8488c78017e1ab678807
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Last-Modified
Tue, 30 Nov 2021 11:27:51 GMT
Server
nginx/1.12.1
ETag
"61a60ab7-62ef"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25327
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438578-259.jpg
i.mixadvert.com/8174/38170/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438578-259.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
06f30235522cd456e8b6d72ee66ae4897d07afdf3df24cf30121714a793e2157
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Last-Modified
Tue, 30 Nov 2021 11:29:43 GMT
Server
nginx/1.12.1
ETag
"61a60b27-5d4c"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23884
Expires
Thu, 31 Dec 2037 23:55:55 GMT
block_head.png
mixadvert.com/images/logo/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/images/logo/block_head.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.site.badvps.com
Software
nginx/1.12.1 /
Resource Hash
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Last-Modified
Fri, 17 Jul 2020 13:11:36 GMT
Server
nginx/1.12.1
ETag
"5f11a388-53bf"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21439
logo_left.gif
file.adpartner.pro/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/logo_left.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
last-modified
Thu, 24 Jan 2019 09:25:42 GMT
server
nginx
etag
"5c498496-a79"
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
2681
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame BF17 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 22 Dec 2021 19:07:16 GMT
expires
Wed, 05 Jan 2022 19:07:16 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
80658
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame 5D79 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1169373_a92fd42263.jpg
zn3.2xclick.ru/img/300x300/373/ Frame 5D79 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/373/1169373_a92fd42263.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
1b86d8c739c9f3e1ecfde56ea85f699ebeb53a6d576523828150c147bb11f54e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Thu, 29 Jul 2021 04:52:58 GMT
Server
nginx
ETag
"6102342a-5944"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
22852
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1153108_a465e98b7b.jpg
zn3.2xclick.ru/img/300x300/108/ Frame 5D79 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/108/1153108_a465e98b7b.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
c47059aea1c35a75cce187a3921d7f7da3a2947879b6b6b4fce5fb1abab844b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Wed, 30 Jun 2021 12:48:05 GMT
Server
nginx
ETag
"60dc6805-4f9d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
20381
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246658_0b9d7dee25.jpg
zn3.2xclick.ru/img/300x300/658/ Frame 5D79 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/658/1246658_0b9d7dee25.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
55306872269e2f1b8b7df1b131017007577c4b4ae361f9c1e3cc0118e0e29b1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Thu, 23 Dec 2021 12:06:42 GMT
Server
nginx
ETag
"61c46652-6a0b"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
27147
Expires
Thu, 31 Dec 2037 23:55:55 GMT
0.gif
x01.aidata.io/
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnYCY0OO_TBbAg==
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnYCY0OO_TBbAg==&bounce=1
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnYCY0OO_TBbAg==&bounce=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Thu, 23 Dec 2021 17:31:34 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Thu, 23 Dec 2021 17:31:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Thu, 23 Dec 2021 17:31:34 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnYCY0OO_TBbAg==&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Thu, 23 Dec 2021 17:31:34 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&tizer_id=212162&r=0.23809840785088499
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif; charset=windows-1251
if
a4p.adpartner.pro/tracker/ Frame CA46 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297875%2C%22cost%22%3A0.000731996%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22fdfbe9e9-f1f7-4b73-9701-7707a4dd81b8%22%7D%2C%7B%22ad_id%22%3A2004555%2C%22cost%22%3A0.000173399%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b5068207-a773-4e00-a1f6-3e15298a046d%22%7D%5D%2C%22unit_id%22%3A7882%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:35 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
newsyou.info.1122348.es6.js
jsc.mgid.com/n/e/ Frame F980 		239 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
3390
last-modified
Thu, 02 Dec 2021 15:43:24 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
RC20466EQDSMKB74
x-amz-id-2
wjLf5GDA4qP53hmCzSKeiCACTuV3faSjipVI7ZK729oaeXQf2DBL7mbyK8HhIkpzM1cZE/a+lHo=
cf-bgj
minify
server
cloudflare
etag
W/"3549c59b252a1dff4f0ed90218a6b365"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c235307bafb6916-FRA
expires
Thu, 23 Dec 2021 20:31:35 GMT
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=13978&f=2&ref=https%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&gw=300&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
d7539ef548210868612bba6365bca43dd2124c1b29a8c660172d03f7ed1ee0c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
/
m.mixadvert.com/show/load/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7880&id_name=RsslK&teaser_name=eGFRDHr&block_name=oedhld&ban_teaser=438579,438575,438578&r=0.06764950167313089&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7880&r=0.9145294879227555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
ee2d9e945ca30545a97d8a54d7e78805bb729ae0eb78f074bf7209e6d2c7256c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
css
fonts.googleapis.com/ Frame 5DFE 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:25:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:35 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5DFE 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:25:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13177
x-xss-protection
0
server
cafe
etag
14559802278604478720
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:25:50 GMT
jsunit
a4p.adpartner.pro/ Frame 8372 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2489&ref=https%3A%2F%2Fnewsyou.info%2F&0.7399121600220364
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
59ee8fd5028e981f3ed0dca3bdb7731edae699f1652f23769a9ba59a27f4d407

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
informer
data.24smi.net/ 		1 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280694&ptz=0&pl=en-US&object=13267&template_id=1281&num=2&ref=&output=json&chash=VztuINms3n&extids=&callback=__smiCb1640280693776
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
fa937297be403dd6a9e33a4b8384e9870dcbd1428872a5417c0be488b296bc80
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 9265 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9265 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 9265 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:15 GMT
l
www.google.com/ads/measurement/ Frame 9265 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTG3xKkk3oMwwqrVOVdCZzsrzeA5_a2ixFG1V1D61RbuAOAygln0T84OQUeoIn-tL-kbd01nduOOEn79uPRCIvR0ym6Cg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 5DFE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:27:11 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5DFE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5DFE 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5DFE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:15 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9265 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cuc_PdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkAJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQkoD5iS3UmHfUg-5TVijxyPOEBuRCbjTCrEmQ33UPmtcMXVkeqz84AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=jxmPtcCoRP0&uach_m=[UACH]&cid=CAQSKQCNIrLMPiqqkmZbR1bwA0x19YEdkV7S7OsDm822CqX87OAwg9DM4UaiGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 9265 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g9t3gdvcc1fer63v2bmy2f6myetreg3rqyc4kpb2hkb30gb2mvd99vw58qhg5zkgnbs3bzmjrtj37z0my1haxc0ffaphgr2hmtf7m3y91qzmve47v5at3bhj6yet2z5v4jcc0xjj4v5kx9f2fzqc22a7pbz3ck97qh0vfesqxxh86x5d422mkfmgn8gvqfdejcd6g0hkj1sev17vct3nb7nn4hgtz9nm122ny3skdb6ac5drd5kxxr62y6kb2cyed71w2hwh12j1bqzss611xd3gnc6grey98dwdcz7jsafwxy8qmzd78qgpxgdr2dsqw8y8142gawxsk059x1xs1a261ff8h6r6p2sdzypxzaejgpa1q7rnw1qz4xrgz4qx8a0xxn6qyzxc8fksvyhxrmpdmgjr&b=YcSydgAH4yIKp6AlAAQ8DsOyiAisdgB8C7seQA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:35 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 8963 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jz62s76cv5kygepzvnssvew8cetwqefh795rfsab85yqs4dq7c2fzgbedp4cvhg3ccbvtcthkyv803vg2hb11e67v5re0kvgfmcb32k341nqejkmjs84jfaz817mv2habfbc52rj78n4g0c89kqaneb765hj4wydws3x0war4yw6nr4h9bszxwtgkbbs15rtxv8qb329r672eeeg16ss57hswj9bpz1r232jrfbsj6qp87e938mfk0g3k0dmcfwavrmbzjmf83k1ck2sz7sxntv1n7z98r25zf5bttwpkfmmda0qyf5wvq6q1gn07mada80mb08rtqw292zx8q0fchp6b3x1nm2fv6n7r8c9h1tfxczkgcphbxnxnksr0kg8pbzg5y0ersbmpnyrdxyyc36jma3c1yhky3avhcqxgm5xn704mnsr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24de5f276c60a4b76f5f218bf89a52232327024967c9ac4848e8385d0cf99e98
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c235309ce9d839d-MXP
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 03FD 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14723
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
m.mixadvert.com/show/ Frame F980 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5876&r=0.3053962632886278
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
5b5b7eda2900c6316c5c4b842a5928ad0290246bdd278c5d8970a38252c7b666
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
internal
dmpprof.com/matching/ 		141 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=10&href=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&title=%D0%A8%D0%BC%D1%8B%D0%B3%D0%B0%D0%BB%D1%8C%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%D1%80%D0%B0%D0%B7%D1%80%D0%B5%D1%88%D0%B0%D1%82%20%D0%B2%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%B4%D0%BE%D0%B7%D1%8B%20%D0%B2%D0%B0%D0%BA%D1%86%D0%B8%D0%BD%D1%8B%20%D0%BE%D1%82%20COVID-19%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&dmp_print_id=75f67d020a6c2c4561d1ca4670345b0a
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e27c0029d10a1e1f9cab0a62de8a97db68b463667a89f75576ef8ef1a848e675

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
141
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame 9F7D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246215_a759d52860.jpg
zn3.2xclick.ru/img/400x400/215/ Frame 9F7D 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/215/1246215_a759d52860.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
3504a8a26e685ad04cd1fe2574629e035f290b23777f893eae5967a4367361ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Wed, 22 Dec 2021 19:54:14 GMT
Server
nginx
ETag
"61c38266-6301"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
25345
Expires
Thu, 31 Dec 2037 23:55:55 GMT
N81uM5UbLqGcRe8aL2uB
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/
Redirect Chain
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2HEsnYCY0OO_TBbAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/N81uM5UbLqGcRe8aL2uB
43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/N81uM5UbLqGcRe8aL2uB
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/N81uM5UbLqGcRe8aL2uB
date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx/1.19.0
content-length
0
0100007F76B2C4610908F32C0287C49E
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=uZQlT2HEsnYCY0OO_TBbAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F76B2C4610908F32C0287C49E
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F76B2C4610908F32C0287C49E
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F76B2C4610908F32C0287C49E
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
N81uM5UbLqGcRe8aL2uB
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/
Redirect Chain
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2HEsnYCY0OO_TBbAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/N81uM5UbLqGcRe8aL2uB
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/N81uM5UbLqGcRe8aL2uB
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/N81uM5UbLqGcRe8aL2uB
date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx/1.19.0
content-length
0
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=gnezdo&id=uZQlT2HEsnYCY0OO_TBbAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:08 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2HEsnYCY0OO_TBbAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
102
x-xss-protection
1; mode=block
expires
-1
A_dV2WCRLm88jnH7aIi8_bg
fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsnYCY0OO_TBbAg==
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsnYCY0OO_TBbAg==&tuid=-4298544379
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/A_dV2WCRLm88jnH7aIi8_bg
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/A_dV2WCRLm88jnH7aIi8_bg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:41 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:41 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/A_dV2WCRLm88jnH7aIi8_bg
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&tizer_id=13978&r=0.31116848311731515
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif; charset=windows-1251
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=10139&f=2&ref=https%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&gw=300&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
350f32aef8403d42a781f16b508cb9a894617b48aa2732795f57e102375af097

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
js
tags.mathtag.com/notify/ Frame 7724 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWlRnMk56WXhabVF0WW1ObE5TMHpZamd4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3NzYzMTkwNDY2ODQ1OTM3NTcvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItVTcyRUFaSklGSXZMaHZnYW9fMVA4VS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzc2MzE5MDQ2Njg0NTkzNzU3L2Ftcy8wLzY2Ny83Ny85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY0MDI4MDY5NC8xNjQwMjkzMjk0LzQvcHViLTU5OTQ2OTcwMjgzODA2MDkv/-MMQ2RF2HcP6MPV-sNq1rmA2aqQ&nodeid=1610&group=cdg&auctionid=2776319046684593757&shardkey=2776319046684593757&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzAYPdrLEYei4Js7ziQOA_bbgBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBLICT9Cjq5eVmsBqkLa9YgCAZHyFGu-5QlRFMcR02tuV1S1gggeeLdTpd8C2XLJNScqlJLo5FCk8smGqsfSAoZiQLRnJNzQogAAKMBYIO42-T687srda44plbAcxbU7WCrfSXMUZruhQsv8Izqzf8lEJMr04wHC8vO7mDkXRmDro1qjdlNWvzsSymFyRizZypCpywKc0xRqxAj2GCPVVeDSmWg9gkRgHXvXtxWCxFRSKGwwcauErdVlyvBRDrGwu4H50CS9p5D1fY90ckLx0ZBZD12VKGTpMkVFzbuPcbB4SXIuILdEpXyEM4YYmSQPy17jzAKmL7VhJIvftuGNk4GIGplSV4PxiNDK492G87g60R56-z2gXmX7rE2gG2UElwVucFdexp8JC20iJszopb1wAjTgEgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ikakEvrhigDQGKKqHhc_hBlYqSQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.210.4 /
Resource Hash
102d451d3fe5a515dd1993a986982ffca812f0fd10b27a16c70b31dd6020683c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1640280694
Last-Modified
Thu, 23 Dec 2021 17:31:34 GMT
Server
MMBD/3.210.4
x-mm-latency
1 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x81, cdg-bidder-x138
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Thu, 23 Dec 2021 17:31:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 7724 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7724 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 7724 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:15 GMT
l
www.google.com/ads/measurement/ Frame 7724 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaREXHtrX_IBAgwYziqOmCqjn48kmvOVibqSpv_dPw3I-VmoWp2C3CRlkvHVT0hvxN4q53xqURySjJdtxHmj0yEP2RXopg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
/
m.mixadvert.com/show/ Frame EFA9 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5709&r=0.6655095448000035
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
4c30eee60ba36b2c89b60ea23673a73eb2a8a30d6785b76594cee6a75a583ba0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1F54 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1F54 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1F54 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:15 GMT
/
m.mixadvert.com/show/ Frame DE7B 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5709&r=0.6512519102926333
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
4a6088f1d9548bd997ca79a98e86ffee75f986c0542ea79449988a200560f250
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
adview
googleads.g.doubleclick.net/pagead/ Frame BF17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CKBg3drLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoEkgJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV9wqZ7EGN0OvbCTJLluhtylF8-2ammViXvHSpDxHQ9_vcsNFwJnzJgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=sVrTa8PqfzQ&uach_m=[UACH]&cid=CAQSGwCNIrLMbQDjvzSs-PbJbDPt2_k2VqBUb5uQvRgB
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame BF17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEcz6RO0HfJ2DYgICAAAAGo6eV-wFOgIQdbLEYWHFd4DsCeGCohm9ABI&wp=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
Kestrel
server-processing-duration-in-ticks
210620
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 8F4E 		159 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f12d8196dcb11a8828ab4b9a858face7b9a1a22d306519f31e87279774532f54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8xrCydua4j8TotWVoMUePRg7SQXHKEKkOOKCvmRasHzs7Qp7YUHjwRoVypdeQiLqF0CHod0zXv2R3houQZtOIGXhbde6Ca_beIVpPTUtpT3lqXMFJtluH6Zzf71FDyBxkjlUPo7LDdhJuPiu_2Xj9jQXjH7N04QCDvLcWKes6yJoz1eeRvQkiJIZbDNOba0AzFRFJ4E63DqO1wUxDWZvfczb86YWaBc6v9KvSAqRQAGEBDqBrxfeX8jSGv3fazUAQrVVRw"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
111683072
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BF17 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF17 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BF17 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:15 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7724 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CPDM-drLEYei4Js7ziQOA_bbgBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBK8CT9Cjq5eVmsBqkLa9YgCAZHyFGu-5QlRFMcR02tuV1S1gggeeLdTpd8C2XLJNScqlJLo5FCk8smGqsfSAoZiQLRnJNzQogAAKMBYIO42-T687srda44plbAcxbU7WCrfSXMUZruhQsv8Izqzf8lEJMr04wHC8vO7mDkXRmDro1qjdlNWvzsSymFyRizZypCpywKc0xRqxAj2GCPVVeDSmWg9gkRgHXvXtxWCxFRSKGwwcauErdVlyvBRDrGwu4H50CS9p5D1fY90ckLx0ZBZD12VKGTpMkVFzbuPcbB4SXIuILdEpXyEM4YYmSQPy17jzAKmL7VhJIvftuGNk4GIGplSV4PxiNDK49yO-z5wY-zq5QsxfMqarvJgbzUuZy3WE9Gpx5224elalq5Sw01uNgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=yJI-OdDj07A&uach_m=[UACH]&cid=CAQSOwCNIrLMi6rctZMj9qeF5fxqyNeFOncFcYsktR8VYkQgrHfc1FCs7K5GhoXBkjcAqblq2sIOUBc0JoraGAE&tpd=AGWhJmtegxkYxqrn5YYY9jiajahfIl-GOojezfZRVpSx4GJC6lqMDwCADjRDaby4NSMLabuWorsfVI5r1sTuzgdZeGosQsWwGZq-23nZjzCqFyj8xIQvcgoXTu0Fp1PRXbSq68OpwI5ATPrUnmvTTGmJTlSvy7Zk4uqTD3yjh7epc-VSiX-lHm_PJWIfK6TRIN-37TQGSXaZz6lXBlovCfobLEhc-tdtBhFgYwHCpjUFJRIFxfMJ40Spa-kT0XSvEDYSOl1k_HUW_7Bdx22oLaYvuZphc4tsl5vH4FYSmkPh7NggYy3bj0mNTNGTZTvSz_oQQyf58yXYrKD_4tK1UdmHpxXs8MJ-XEhxIFx_GnWxtkk3ImARa7Z93ctuo__4XXhpxPhCA_5E4ctyw4yX-hduGKhFk1hfFsHmncc61eDfRaXf9JKJIvoeUGVnzfqsntKpN7NvjW8F0wozQg_OnwuQ7t_GCKz7pZdVjF-iRLMP6IOtL8XzuGDBwK78xKJGuWk1tk2464il8B6vERV0rmJNH0bWO7HWfT3LojU4gFXsGQF_CXwpeF6YRg-2nfgwt465MHhEN5un9bAVjIBwssYRPFqobwNXEy9-3JVrXa5eXtYwup3OdMObSfYa-9ySaOVJKswZkpIhSUztAt7yD8OT2DZWR947IQO6pXP5NAgXZHwo6tniv__PKXc_VJprf_5dlOCihY33YdC1JH2HkfjqbRlX2XvJF7sx7Un2IfoAqIb6fmB_V5S3p8UzdGwlfcO983wt5QjzxbS1_Kou2i_cy6cckhIgek9Tdj4AW9uGpXQ1XYKScdLTGldVzsLtF7-UiU3gN90k4vcfKed21J0y7k6evftt1EfVfKNHh3cejWmaLi1aEvafxa7tc5xkp-o5LWKqpwbVcCHY5xUO3RoGF0U-m9RhMwOsLjiqaqSl4vn7ssmea-wNYrYpT6pagc2tYwRP4c0Bx0cEB2b92RbfUZlj896IxL2Cfj_t55BC85jVvOSJ1VAvD-40PBbYfTC9XJo8giKPx_OtB8VFEcZyylkGAArRff8KerGz7jCzuh_a83SHBBaAd5USvO1w1TDiEGs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
jsunit
a4p.adpartner.pro/ Frame 8372 		28 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2489&unit_id=2489&shown=&session_pageview=1&session_id=5ab9a9d4-15ff-4abe-956b-193f694e0733&site_visited=1&ref=https%3A%2F%2Fnewsyou.info%2F&reload_count=0&banner_num=1640280695048828666&is_in_viewport=1&location=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=2489&ref=https%3A%2F%2Fnewsyou.info%2F&0.7399121600220364
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
25dbd39df1e62557d9b10c52ae5ab5d8b54ae40de0fca8572f88f41f11675e2a

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 23 Dec 2021 17:31:35 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
adview
googleads.g.doubleclick.net/pagead/ Frame 074F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZPQNdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoElgJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzrN_FoQm5VDRPKYy5InYuCStLQ25Lx1fGIzvCT-gssxyp2l1Dyhv4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=8qg5Y3aD7f8&uach_m=[UACH]&cid=CAQSOwCNIrLMxznfFZtD2NUlVkQQ2nZGJ5kxKmtQJHAGpdulYs_nVLX-Uh-Ft2dmLYUCtnrxvBRav703KmQ-GAE
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 074F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1k7v8d7egv8hz0d1y9zxnt3nezxfh80g3mngma2w4g5mdgsqgmjf21bw5f9p470pz9bd62b73zseh07fhrfmz6q5p5b3ffr1dqkv9gx5zktfn7vc6gyw1qaff9c944j3r8eknyx4h9wj71236s4djmsazyqyyyrva2fckqfndekwq4bxkf23rhcvx3epqyb6pckged238hvthngpnpk5qdn7xpfd86nheqq7dn0pf8ksd7ds29n6xvqawm17xf51gc06j9c4zbjcetjenvva6rpmztga1bbv5sfn43kapwpdssqkasn8q3yffa7e2x4vn5s28e00acats59fgn07hhvhekckxcn0a2xv2mcdwcs7hanh9355bfd16hnqn4ye44bbgad3tgd18m7m41kk82den0gxy&b=YcSydgAKtlMKp5-LAA5yFpZB3xjvcV259lpdsA
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:35 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 5B50 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gveb4pjasy65z0ecmjp43ym5np0f8yd650yy1f0wj2hvsb1xag033549f1bk8j05m56m9gs4bjb193j93zhaqjepk45sxq6vbtaf784hrja8e4sdesmmrgeex00hkcrv2fb8206vhsw45q9t47yer1xvs7w8nzm27dzx60pa9gqtcwnz6qr239fr4c8dpcznp562mrmghv2k5j6z8ke3rvahtbr9ksh88az7gt81g427atjyww6w5ggehy29mnjxq540stjfe68d7e4ydkexx9qypc6sqv3zra7azyxgsmn0gmt2k90jh7ryrybq157f404w92hdez28w4mevrq6tgcz7e41tv3c3smzra5777k74bjzy2ha5vtge3cjrfbt5e0vp8ewph9zd7sca78e9wfcaqfwt4s586sx9whbfmz1pnbefzdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7730dd4f55ea46d4c0672d9203179247141f55b500a8e0099c7a4375b1a362
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c23530a4d3783b4-MXP
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 074F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5706 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14723
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 074F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:15 GMT
l
www.google.com/ads/measurement/ Frame 074F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwuyfEE_Bw3mOHHfYtIb6JUm25FCXCiMneKSWqxDG3Z-O1Y62bw0pLQphEXwnNwwB1RcdBrULALpiKkonbck3DkEzfZw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 074F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:35 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1F54 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4nBmdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoElgJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp6sARmVQ4vlsihRnAdi66TKxJ-UOi8ak5qOV5pcOTmgxa3wFY2Ke4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=UE2kEsBkACo&uach_m=[UACH]&cid=CAQSOwCNIrLM99jBfK2jW01kisG5Cn_7nFx3rL4X4IX2cp-yh6gsg6xzCEDztAt28TTOtNU_79fj-dj_UolUGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 1F54 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jh65a5d0pqx0s41drrkx4sxa8aecaqw0hrjwr1sr0k8hgcey76w4vsj03vxtg1m42hc3kyp8h1cbxwvscnps54hhjhb7bdaxy8nfhwk0b3569gm9ts810qxq45jzc56fyb8jhhgkqjfv3549k4zsf5xhtfq2n2wcxvcjkkk0x5yk0jc6fpqqx77phbgt5m0aj0ryf18de2y0ht5kncj4jggp4gbcddvzhm97v5q4dggv6f20cewgpn29m1mecrx3gf4stpt2q6kadtpzzw7h6cc8erbajj44nsf87pjgk8dykc7xq8c8pzv94h7gme3y43mf1akhkp8aq7zd536y9v7p2egh3cxk8df77f3ff8s1p8qamc36v6a0gavtbkrv97daydtxm355gh75mvshb4sj3q6c&b=YcSydgAK8ZsKp5oJAA4fr1TSWr8N3uXDqij41w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:35 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 9CBB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gh7sbw49cdt078yg6x9b1wxwvxvm608w7mhb8t6ex9wq8c98p51p20t0xn77qwy0wt13bqg5zsrr7s0t09pf7v2av08zr1x89z7hkbmyae704mta1xz1tgmyqshzfsrtrrc5g4pw4kyxnm3dx2wee16vcpqm3fp74jxxm4x45qh4gvwa2r11j8wp3fh7k1d7415fqjqvx6v710wcnrr0vacn2r1709ccjbgmn7g81dc0f4wee69v56q0fzq4eybgnwmtgptphdp94qxyqcfz1magyb136v6jkmps5ztb6wxbjysgrqwwcfy66j10jgsh0k8kzaws678epksewnmmpqkz47v7faj2w16j9cn8pbeh6rvdyefggjm3gwcxqvevyw3t36xdaaa4tj7c8qkxeb1qd6qaxv078tacw63gvxpst6e3p96c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bff660e8f15538b807c492c8b9b44531a82ec4d905604ac6ccda4ed97e119d7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c23530a4d3583b4-MXP
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9FFC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14723
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9265 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65e9d70642df19826ba8fb175c28918de2b18761305cd798a9d3a6ee5cad2bdf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
img
pix.eu.criteo.net/img/ Frame 5DFE 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F2106968-_x600-nocrop.jpg&ups=1&v=3&w=800&s=zYiZTfd34o42wZDoX-TKW87p
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
40b41a360bc2bc928786159e33f72611bb5cf22ed48877f2d0861d19db16fc31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:08:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80572
vary
Origin
x-cache
hit cached
content-type
image/jpeg
cache-control
public, max-age=31535726
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
207851
expires
Thu, 22 Dec 2022 19:04:09 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5DFE 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 12:42:17 GMT
x-content-type-options
nosniff
age
449358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 18 Dec 2022 12:42:17 GMT
jquery_1_7_2.js
m.mixadvert.com/show/application/js/ Frame F980 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/application/js/jquery_1_7_2.js
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5876&r=0.3053962632886278
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 /
Resource Hash
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Mon, 17 Oct 2016 18:47:41 GMT
server
nginx/1.12.0
etag
"58051ccd-17278"
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
content-length
94840
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:11:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:35 GMT
informer
data.24smi.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280694&ptz=0&pl=en-US&object=13245&template_id=1280&num=3&ref=&output=json&chash=VztuINms3n&extids=&callback=__smiCb1640280693777
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
a3cd1ab9bf1c53e0373def39a5a268ebda09c54929eeb952582b0a4a394b7559
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 12:42:17 GMT
x-content-type-options
nosniff
age
449358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 18 Dec 2022 12:42:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 01:54:06 GMT
x-content-type-options
nosniff
age
142649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 01:54:06 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 05:39:34 GMT
x-content-type-options
nosniff
age
129121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 05:39:34 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 11:23:17 GMT
x-content-type-options
nosniff
age
194898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 11:23:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5DFE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3tITdrLEYaLHGsWiiQOr5bjIDcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpArjTclTQ97I-qAMByAMCqgSWAk_QZgWorQkLqD9sb_eXhZjO-yFvhI8UvI8E0owm_YPxMRT2VY3HvdPwP85cv_jSQgBKhYpv3pT2y_xoFxDCsVBvTasDWacXcLYeJJWCwqromsS-vS1c2IqSVSKxDmcstSTXsim0o1g5fN7q0x1HjWhxNU2WMQNIfCxnIupkkax4eavICDUE5B5d2nYXCVKbkepC7yPPi2u7HDyhAlOrp7u1xGKYBenB3ALFBloS-wqDJriAq9ovm1LFflf6Khigr6VMZPlmg227BqrTIK2IMpWlx8yYBmPpO7wRl_MvoEhxfaryXxyKovEGINVkgIixqjH-rua7sHl0V-iXyctAk-mKAtwUxIx5mFaszag-bQn4IFgvwEgNgAb4m8aWv_KU3NcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=ZxFXdr2gny0&uach_m=[UACH]&cid=CAQSGwCNIrLMcUT1miOlGCQf3c-2SvlLQW8982dE0RgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
lgn.php
cat.nl.eu.criteo.com/delivery/ Frame 5DFE 		43 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.nl.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=-zZ96FCR97rQ6zWi_MU_hO6-8y67oFlm8GSmngGY0jV7XL6FYp2xz-r8ZcaRtOs3suB9uhWypOxoO7cjeeRqcbx3aXK--PUX20wUyBljeYjNolpZ4J7H89NckIa4kFaMVCX4_pSUk2hnio6tUiRExSBmVDNf5uNgqo9NznFTN0mk8LRjwJ8iFjfxDFYi085-M6yhUXFykD7qpKxHaNudLxZX87zS5SiTpOz18SoGyKud15633btL-liH1ex9Nk_CSGsosTo5mNYfNelMXcJRn3rbMfelil2u6rSNhg7nuZ4frziXw_d98HCkKN7IBwt78ZkpvI4xCdKOZP5Re-WDzgR8RzI-uVCRLKcZV4fVp9Jdk0litm5UgjDl_RFkTTT3T_DXg2uS-DNy4rrrJQdlx9llSpEHlitniRRg_dqnwjFVkXOQt69yTWrBbJGmNLp6OCCDfmoeRohH3fBDEsEVD4bgGLS82TT4da1u_30fUB3PqVOKOtHfNGHYlhmcEgtkzhmml9FCnsQze78VST1EixzW918&z=YcSydgAGo6IKYlFFAA4yq7eWXaIE8e1BRKyGBg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6483
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5DFE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEYrGMAAAnYNiAgIAAAB7oL4v5Jt7zBB2ssRh2XGXg7C0B6KwqfYAEg&wp=YcSydgAGo6IKYlFFAA4yq7eWXaIE8e1BRKyGBg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:34 GMT
server
Kestrel
server-processing-duration-in-ticks
220437
content-length
0
strict-transport-security
max-age=31536000; preload;
adview
googleads.g.doubleclick.net/pagead/ Frame 5DFE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSUiBdrLEYaLHGsWiiQOr5bjIDcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpArjTclTQ97I-qAMBqgSWAk_QZgWorQkLqD9sb_eXhZjO-yFvhI8UvI8E0owm_YPxMRT2VY3HvdPwP85cv_jSQgBKhYpv3pT2y_xoFxDCsVBvTasDWacXcLYeJJWCwqromsS-vS1c2IqSVSKxDmcstSTXsim0o1g5fN7q0x1HjWhxNU2WMQNIfCxnIupkkax4eavICDUE5B5d2nYXCVKbkepC7yPPi2u7HDyhAlOrp7u1xGKYBenB3ALFBloS-wqDJriAq9ovm1LFflf6Khigr6VMZPlmg227BqrTIK2IMpWlx8yYBmPpO7wRl_MvoEhxfaryXxyKovEGINVkgIixqjH-rua7sHl0V-iXyctAk-mKAtwUxIx5mFaszag-bQn4IFgvwEgNgAb4m8aWv_KU3NcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=4HDxjhx8y6o&uach_m=[UACH]&cid=CAQSGwCNIrLMcUT1miOlGCQf3c-2SvlLQW8982dE0RgB&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame BCB2 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 23 Dec 2021 17:02:22 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1753
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5DFE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6509d331bbab21ad2b43f245d878bd50a881a07ae93bf215b106b228280d7a3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame 1DFF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246879_2abcc89321.jpg
zn3.2xclick.ru/img/400x400/879/ Frame 1DFF 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/879/1246879_2abcc89321.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
d18621f7385067fcfd7ddf9af42da75c9026a0d74be6db9580f5fbe6bf73dbce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Thu, 23 Dec 2021 16:27:43 GMT
Server
nginx
ETag
"61c4a37f-429f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
17055
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1244709_699db3740c.jpg
zn3.2xclick.ru/img/400x400/709/ Frame 1DFF 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/709/1244709_699db3740c.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
3ef2df70fb969b54f937f8840677fd07fb06e6d1438418ef7132e48c9464ab7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Mon, 20 Dec 2021 16:02:51 GMT
Server
nginx
ETag
"61c0a92b-90ee"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
37102
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&tizer_id=10139&r=0.061161010525002446
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif; charset=windows-1251
/
vcmjf535tx.ru/json/ 		49 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vcmjf535tx.ru/json/?user_id=0b396c07-268e-4eb9-bfd9-c524f8529fe4&site_id=7221&blocks=6944%2C610%2012512%2C300%208032%2C300
Requested by
Host: vcmjf535tx.ru
URL: https://vcmjf535tx.ru/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.170 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6ad1077fcd48f19ff1f4eb531dded7d99577c219f699404da619b22a4a81dfad

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
x-adsbid-request
30a0884d71439b418a603ccfaa9cd1a5
vary
Accept-Encoding
server
nginx/1.18.0
content-type
text/plain; charset=utf-8
demography
prodmp.ru/pclicks/ 		3 B
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks/demography?domain=newsyou.info
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.92.202 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
rav4ever.ru
Software
nginx /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 23 Dec 2021 17:31:35 GMT
access-control-allow-credentials
true
server
nginx
content-length
3
content-type
application/json
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=0b396c07-268e-4eb9-bfd9-c524f8529fe4
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=eb84922169184661b2e1d60d73212483
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=eb84922169184661b2e1d60d73212483
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=eb84922169184661b2e1d60d73212483
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
01qrvgnrrbds
hal9000.redintelligence.net/zone/ Frame 7724 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=2776319046684593757&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2776319046684593757%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D88d861c4-b277-4d01-b53f-03426797a169%26mt_cid%3D88d861c4-b277-4d01-b53f-03426797a169%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzAYPdrLEYei4Js7ziQOA_bbgBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBLICT9Cjq5eVmsBqkLa9YgCAZHyFGu-5QlRFMcR02tuV1S1gggeeLdTpd8C2XLJNScqlJLo5FCk8smGqsfSAoZiQLRnJNzQogAAKMBYIO42-T687srda44plbAcxbU7WCrfSXMUZruhQsv8Izqzf8lEJMr04wHC8vO7mDkXRmDro1qjdlNWvzsSymFyRizZypCpywKc0xRqxAj2GCPVVeDSmWg9gkRgHXvXtxWCxFRSKGwwcauErdVlyvBRDrGwu4H50CS9p5D1fY90ckLx0ZBZD12VKGTpMkVFzbuPcbB4SXIuILdEpXyEM4YYmSQPy17jzAKmL7VhJIvftuGNk4GIGplSV4PxiNDK492G87g60R56-z2gXmX7rE2gG2UElwVucFdexp8JC20iJszopb1wAjTgEgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ikakEvrhigDQGKKqHhc_hBlYqSQ%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
da1e74368e78e83e3221b15e594aef23d53e09525633b219ef6575dafa493233

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3406
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 7724 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=2776319046684593757&node_id=1610&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWlRnMk56WXhabVF0WW1ObE5TMHpZamd4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3NzYzMTkwNDY2ODQ1OTM3NTcvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItVTcyRUFaSklGSXZMaHZnYW9fMVA4VS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzc2MzE5MDQ2Njg0NTkzNzU3L2Ftcy8wLzY2Ny83Ny85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY0MDI4MDY5NC8xNjQwMjkzMjk0LzQvcHViLTU5OTQ2OTcwMjgzODA2MDkv/-MMQ2RF2HcP6MPV-sNq1rmA2aqQ&nodeid=1610&group=cdg&auctionid=2776319046684593757&shardkey=2776319046684593757&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzAYPdrLEYei4Js7ziQOA_bbgBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBLICT9Cjq5eVmsBqkLa9YgCAZHyFGu-5QlRFMcR02tuV1S1gggeeLdTpd8C2XLJNScqlJLo5FCk8smGqsfSAoZiQLRnJNzQogAAKMBYIO42-T687srda44plbAcxbU7WCrfSXMUZruhQsv8Izqzf8lEJMr04wHC8vO7mDkXRmDro1qjdlNWvzsSymFyRizZypCpywKc0xRqxAj2GCPVVeDSmWg9gkRgHXvXtxWCxFRSKGwwcauErdVlyvBRDrGwu4H50CS9p5D1fY90ckLx0ZBZD12VKGTpMkVFzbuPcbB4SXIuILdEpXyEM4YYmSQPy17jzAKmL7VhJIvftuGNk4GIGplSV4PxiNDK492G87g60R56-z2gXmX7rE2gG2UElwVucFdexp8JC20iJszopb1wAjTgEgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ikakEvrhigDQGKKqHhc_hBlYqSQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.210.4 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Server
MMBD/3.210.4
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x25, cdg-bidder-x138
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 23 Dec 2021 17:31:34 GMT
img
pixel.mathtag.com/event/ Frame 7724 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2776319046684593757&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWlRnMk56WXhabVF0WW1ObE5TMHpZamd4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3NzYzMTkwNDY2ODQ1OTM3NTcvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItVTcyRUFaSklGSXZMaHZnYW9fMVA4VS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzc2MzE5MDQ2Njg0NTkzNzU3L2Ftcy8wLzY2Ny83Ny85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY0MDI4MDY5NC8xNjQwMjkzMjk0LzQvcHViLTU5OTQ2OTcwMjgzODA2MDkv/-MMQ2RF2HcP6MPV-sNq1rmA2aqQ&nodeid=1610&group=cdg&auctionid=2776319046684593757&shardkey=2776319046684593757&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzAYPdrLEYei4Js7ziQOA_bbgBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBLICT9Cjq5eVmsBqkLa9YgCAZHyFGu-5QlRFMcR02tuV1S1gggeeLdTpd8C2XLJNScqlJLo5FCk8smGqsfSAoZiQLRnJNzQogAAKMBYIO42-T687srda44plbAcxbU7WCrfSXMUZruhQsv8Izqzf8lEJMr04wHC8vO7mDkXRmDro1qjdlNWvzsSymFyRizZypCpywKc0xRqxAj2GCPVVeDSmWg9gkRgHXvXtxWCxFRSKGwwcauErdVlyvBRDrGwu4H50CS9p5D1fY90ckLx0ZBZD12VKGTpMkVFzbuPcbB4SXIuILdEpXyEM4YYmSQPy17jzAKmL7VhJIvftuGNk4GIGplSV4PxiNDK492G87g60R56-z2gXmX7rE2gG2UElwVucFdexp8JC20iJszopb1wAjTgEgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ikakEvrhigDQGKKqHhc_hBlYqSQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master cdg-pixel-x13 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Server
MT3 4133 baa842e master cdg-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 23 Dec 2021 17:31:34 GMT
img
tags.mathtag.com/event/ Frame 7724 		49 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2776319046684593757&st=4562306&time=1640280695&nodeid=1610
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWlRnMk56WXhabVF0WW1ObE5TMHpZamd4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3NzYzMTkwNDY2ODQ1OTM3NTcvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItVTcyRUFaSklGSXZMaHZnYW9fMVA4VS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzc2MzE5MDQ2Njg0NTkzNzU3L2Ftcy8wLzY2Ny83Ny85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY0MDI4MDY5NC8xNjQwMjkzMjk0LzQvcHViLTU5OTQ2OTcwMjgzODA2MDkv/-MMQ2RF2HcP6MPV-sNq1rmA2aqQ&nodeid=1610&group=cdg&auctionid=2776319046684593757&shardkey=2776319046684593757&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzAYPdrLEYei4Js7ziQOA_bbgBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBLICT9Cjq5eVmsBqkLa9YgCAZHyFGu-5QlRFMcR02tuV1S1gggeeLdTpd8C2XLJNScqlJLo5FCk8smGqsfSAoZiQLRnJNzQogAAKMBYIO42-T687srda44plbAcxbU7WCrfSXMUZruhQsv8Izqzf8lEJMr04wHC8vO7mDkXRmDro1qjdlNWvzsSymFyRizZypCpywKc0xRqxAj2GCPVVeDSmWg9gkRgHXvXtxWCxFRSKGwwcauErdVlyvBRDrGwu4H50CS9p5D1fY90ckLx0ZBZD12VKGTpMkVFzbuPcbB4SXIuILdEpXyEM4YYmSQPy17jzAKmL7VhJIvftuGNk4GIGplSV4PxiNDK492G87g60R56-z2gXmX7rE2gG2UElwVucFdexp8JC20iJszopb1wAjTgEgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ikakEvrhigDQGKKqHhc_hBlYqSQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.210.4 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Server
MMBD/3.210.4
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x107, cdg-bidder-x138
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 23 Dec 2021 17:31:34 GMT
/
m.mixadvert.com/show/load/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=6822&id_name=bKpnK&teaser_name=oekhAiT&block_name=bzKczc&ban_teaser=438579,438575,438578,438579,438578,438575&r=0.24789775522862278&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=6822&r=0.7662008199342989
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
ab7f5fb6e115b876ef20135c70d52904596972ca2e9cae1c9379c851480e8e92
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 03FD
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJMwer_qjSqsKwvmYC1Z4D94X_aSSf7voc23H_...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWR3QUFBSEQ1c0NWSg&google_push=AYg5qPJMwer_qjSqsKwvmYC1Z4D94X_aSSf7voc23H_MzejwbhqOVLZVL6y2k1NtA7nCJcxxxfEj2J4aozaCLvIuky-z417g4c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWR3QUFBSEQ1c0NWSg&google_push=AYg5qPJMwer_qjSqsKwvmYC1Z4D94X_aSSf7voc23H_MzejwbhqOVLZVL6y2k1NtA7nCJcxxxfEj2J4aozaCLvIuky-z417g4cMyRO0-0IPFAS8U25i1fbN3ng1gultnbnGzkhbP4NCIm0OQ9gKvK45MR9c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWR3QUFBSEQ1c0NWSg&google_push=AYg5qPJMwer_qjSqsKwvmYC1Z4D94X_aSSf7voc23H_MzejwbhqOVLZVL6y2k1NtA7nCJcxxxfEj2J4aozaCLvIuky-z417g4cMyRO0-0IPFAS8U25i1fbN3ng1gultnbnGzkhbP4NCIm0OQ9gKvK45MR9c
Date
Thu, 23 Dec 2021 17:31:35 GMT
Server
Apache
Connection
keep-alive
Content-Length
446
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 03FD
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEO0Ihr44sHnuBZqXlrRmEs4&google_cver=1&google_push=AYg5qPIEXMSIe21USl1KiTARAoMqLdZ8dkH-ZcqxCQO2CSTUfaorZkMk8FhKwbhJ-RHrMyC_lQgJjiAitc-MKIA4dbcLWGQ62hLP0...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIEXMSIe21USl1KiTARAoMqLdZ8dkH-ZcqxCQO2CSTUfaorZkMk8FhKwbhJ-RHrMyC_lQgJjiAitc-MKIA4dbcLWGQ62hLP0zTy3XeFDn90OeLorJ1yqG_vhuI--CUJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIEXMSIe21USl1KiTARAoMqLdZ8dkH-ZcqxCQO2CSTUfaorZkMk8FhKwbhJ-RHrMyC_lQgJjiAitc-MKIA4dbcLWGQ62hLP0zTy3XeFDn90OeLorJ1yqG_vhuI--CUJexK2bQ_3VFBdEoWUw2o8vZg&google_hm=Q0FFU0VPMElocjQ0c0hudUJacVhsclJtRXM0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:34 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIEXMSIe21USl1KiTARAoMqLdZ8dkH-ZcqxCQO2CSTUfaorZkMk8FhKwbhJ-RHrMyC_lQgJjiAitc-MKIA4dbcLWGQ62hLP0zTy3XeFDn90OeLorJ1yqG_vhuI--CUJexK2bQ_3VFBdEoWUw2o8vZg&google_hm=Q0FFU0VPMElocjQ0c0hudUJacVhsclJtRXM0
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 03FD
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLanov0hRfuHX2INMhgIn6Xrnn9ML1n09PKb7RuWVKREvMDZgjxnJLZlxfcUG34-uE7hjJPcIdIsOZDW54PLB2ISzKxRlXuvQWjri3Tgsn9STNXxrnuCNg18ar468pGuNWh4JUPEtz...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPfkko4GEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVlnNXFQTGFub3YwaFJmdUhYMklOTWhnSW42WHJubjlNTDFuMDlQS2I3UnVXVktSRXZNRFpnanhuSkxabHhmY1VHMzQtdUU3aGpKUGNJZElzT1pEVz...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcDk3Nmg0dXR3TFIyc3kzYzBGZXpudGZVUC15NWh1X04wcWxERGV2YWJiUQ==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcDk3Nmg0dXR3TFIyc3kzYzBGZXpudGZVUC15NWh1X04wcWxERGV2YWJiUQ==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:35 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcDk3Nmg0dXR3TFIyc3kzYzBGZXpudGZVUC15NWh1X04wcWxERGV2YWJiUQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
dds
rtb.openx.net/sync/ Frame 03FD 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECv-TUn54378iX7qQ1rhOR8&google_cver=1&google_push=AYg5qPLLiIkoGdQqlPXESCX_58V7XdN3E5mD1H0te1WRpgokPFtSp30DB82jaKvAw4So71hAN7GCxxcww_E2iXc7ju7ha2brpkRm1Z8LQoX3A0UXdDClSYXtcW4UVuLkjKDq2w-qSufqGbXe3sXJF2hVmQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
va7qrp68jifkg80avo5051otl8fu6ji2
pixel
cm.g.doubleclick.net/ Frame 03FD
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cvYdbcXgQQeM9FFiNCmeVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cvYdbcXgQQeM9FFiNCmeVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJFuPbfxWqG_EjBG3aZQ6pa91eNbNRgmyD4VBVaO_NssYrPlTsi5kyua3n0F7S-HC_0bwk2o7AXGJf-iYID85ej_kB9yqFhe6ae92RvCegkhxqZdY_xc8Y2LqJXAy8HKCXI16On-6jSXc53dpYk55c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cvYdbcXgQQeM9FFiNCmeVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJFuPbfxWqG_EjBG3aZQ6pa91eNbNRgmyD4VBVaO_NssYrPlTsi5kyua3n0F7S-HC_0bwk2o7AXGJf-iYID85ej_kB9yqFhe6ae92RvCegkhxqZdY_xc8Y2LqJXAy8HKCXI16On-6jSXc53dpYk55c
date
Thu, 23 Dec 2021 17:31:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
trk
ag.innovid.com/ Frame 03FD 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESELODeEA8HR3ynveggvEFxOc&google_cver=1&google_push=AYg5qPJe089RCMR1j84OoS-bPbziGltCVR7WFAuPd_Wp_s_-Od7rhfryv6Jdex2XlfeEJ_RtwTq1CAMPcoCZ6G9yVF_t7_mtD5fO5gsOiMOnPzjxCBpDhLOXkd_bwCfwNkvQ-yAlebND0EuoW7yA0gm1_g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:445b:903:c624:a695:f9d2:6242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
dot.gif
googlecm.hit.gemius.pl/ Frame 03FD
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJnG7fsF9goncJXVqZru8AI&google_cver=1&google_push=AYg5qPJLeitaNXCBT8RI2Mld...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJLeitaNXCBT8RI2Mldzfzv6IvcEJ92S2jzZjPVskSq2h3aqOSRX4aIVWkujmeyJa_ukaTUfOzxMWLgPz32cS3qMKkOS14yWRJn2qKrMf_yQ8tU8Cogq4&googl...
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
43 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H2
Server
79.137.69.120 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm10.host.hit.gemius.pl
Software
GHC /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
image/gif
content-length
43
expires
Wed, 22 Dec 2021 17:31:36 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 03FD 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlmqhgOkWp4Xh5Xk-wwTsD3-Mqc1W50odJAZJ2p2tkIWVPk0W3_yRhizy9DS3vM3VgbfJsSA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693864&bpp=1&bdt=647&idt=554&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5Tv4RYw7Z&p=https%3A//newsyou.info&dtd=557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 8963 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jz62s76cv5kygepzvnssvew8cetwqefh795rfsab85yqs4dq7c2fzgbedp4cvhg3ccbvtcthkyv803vg2hb11e67v5re0kvgfmcb32k341nqejkmjs84jfaz817mv2habfbc52rj78n4g0c89kqaneb765hj4wydws3x0war4yw6nr4h9bszxwtgkbbs15rtxv8qb329r672eeeg16ss57hswj9bpz1r232jrfbsj6qp87e938mfk0g3k0dmcfwavrmbzjmf83k1ck2sz7sxntv1n7z98r25zf5bttwpkfmmda0qyf5wvq6q1gn07mada80mb08rtqw292zx8q0fchp6b3x1nm2fv6n7r8c9h1tfxczkgcphbxnxnksr0kg8pbzg5y0ersbmpnyrdxyyc36jma3c1yhky3avhcqxgm5xn704mnsr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jz62s76cv5kygepzvnssvew8cetwqefh795rfsab85yqs4dq7c2fzgbedp4cvhg3ccbvtcthkyv803vg2hb11e67v5re0kvgfmcb32k341nqejkmjs84jfaz817mv2habfbc52rj78n4g0c89kqaneb765hj4wydws3x0war4yw6nr4h9bszxwtgkbbs15rtxv8qb329r672eeeg16ss57hswj9bpz1r232jrfbsj6qp87e938mfk0g3k0dmcfwavrmbzjmf83k1ck2sz7sxntv1n7z98r25zf5bttwpkfmmda0qyf5wvq6q1gn07mada80mb08rtqw292zx8q0fchp6b3x1nm2fv6n7r8c9h1tfxczkgcphbxnxnksr0kg8pbzg5y0ersbmpnyrdxyyc36jma3c1yhky3avhcqxgm5xn704mnsr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695192
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c23530bf9cb83b4-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 8963 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jz62s76cv5kygepzvnssvew8cetwqefh795rfsab85yqs4dq7c2fzgbedp4cvhg3ccbvtcthkyv803vg2hb11e67v5re0kvgfmcb32k341nqejkmjs84jfaz817mv2habfbc52rj78n4g0c89kqaneb765hj4wydws3x0war4yw6nr4h9bszxwtgkbbs15rtxv8qb329r672eeeg16ss57hswj9bpz1r232jrfbsj6qp87e938mfk0g3k0dmcfwavrmbzjmf83k1ck2sz7sxntv1n7z98r25zf5bttwpkfmmda0qyf5wvq6q1gn07mada80mb08rtqw292zx8q0fchp6b3x1nm2fv6n7r8c9h1tfxczkgcphbxnxnksr0kg8pbzg5y0ersbmpnyrdxyyc36jma3c1yhky3avhcqxgm5xn704mnsr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9348
x-guploader-uploadid
ADPycdtXvXkNTikigjdIbYNhxiQLD-4AZAv9bzOL91Gi0Vasqu-NthMEIEUtuuiuVaKDT9UyXdL8EGeHFPeRkpk5qsfqo-CjnA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaTpqXMABTTdlF6bRSg5NLlK8Ia4cKnNCC0nUcI5pWb33TmK38mWJKORhlh6%2F%2FuiRs4WVAUyOPBb8moHdPfc%2F2dwmHeB3b6sLtlEelysZJGnsT6zwRPz4GtBynxk18dcJdPXifk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c23530c1d48839d-MXP
expires
Thu, 23 Dec 2021 14:55:47 GMT
truncated
/ Frame 1F54 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13b27ee96d7a7b149498096559d8fe698df418133ea50f446ba9bc9f94dba730

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 8372 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:14:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:35 GMT
1px-matching-adpartner.gif
t.trafmag.com/images/ Frame 8372 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=2050795f-e60c-4a1a-a498-75b1ba484640
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
match
a4p.adpartner.pro/ssp/ Frame 8372
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=2050795f-e60c-4a1a-a498-75b1ba484640
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=10
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=10
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c23530c4e4a6916-FRA
content-type
image/gif
match
a4p.adpartner.pro/ssp/ Frame 8372
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=2050795f-e60c-4a1a-a498-75b1ba484640
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=9
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=9
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c23530c4e4e6916-FRA
content-type
image/gif
2050795f-e60c-4a1a-a498-75b1ba484640
s.uuidksinc.net/match/272/ Frame 8372 		74 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/272/2050795f-e60c-4a1a-a498-75b1ba484640
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
2050795f-e60c-4a1a-a498-75b1ba484640
recreativ.ru/mtch/31/ Frame 8372 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recreativ.ru/mtch/31/2050795f-e60c-4a1a-a498-75b1ba484640
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

hn
b23
date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif
pix
dsp-trk.eskimi.com/ Frame 8372 		43 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=2050795f-e60c-4a1a-a498-75b1ba484640
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
via
1.1 google
alt-svc
clear
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/ Frame 8372 		49 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/adpdigital
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.232.150.148 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp15.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
x-backend-id
f15-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/ Frame 8372 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=177&vid=2050795f-e60c-4a1a-a498-75b1ba484640
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
123
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ Frame 8372 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=adpartner&id=2050795f-e60c-4a1a-a498-75b1ba484640
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:08 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
a4p.adpartner.pro/ssp/ Frame 8372
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F76B2C4610908F32C0287C49E
43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F76B2C4610908F32C0287C49E
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F76B2C4610908F32C0287C49E
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/ Frame 8372
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F76B2C4610908F32C0287C49E
43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F76B2C4610908F32C0287C49E
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F76B2C4610908F32C0287C49E
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/ Frame 8372
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/ Frame 8372
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c346fa1c-85ef-5365-8260-e916e3a45b60
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/ Frame 8372
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9d1ce262-7825-4934-6beb-fc89cdecedda
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9d1ce262-7825-4934-6beb-fc89cdecedda
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9d1ce262-7825-4934-6beb-fc89cdecedda
date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
match
a4p.adpartner.pro/ssp/ Frame 8372
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=b762eb0d-af82-4898-764b-f12d06ff842d
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=b762eb0d-af82-4898-764b-f12d06ff842d
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=b762eb0d-af82-4898-764b-f12d06ff842d
date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 5B50 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gveb4pjasy65z0ecmjp43ym5np0f8yd650yy1f0wj2hvsb1xag033549f1bk8j05m56m9gs4bjb193j93zhaqjepk45sxq6vbtaf784hrja8e4sdesmmrgeex00hkcrv2fb8206vhsw45q9t47yer1xvs7w8nzm27dzx60pa9gqtcwnz6qr239fr4c8dpcznp562mrmghv2k5j6z8ke3rvahtbr9ksh88az7gt81g427atjyww6w5ggehy29mnjxq540stjfe68d7e4ydkexx9qypc6sqv3zra7azyxgsmn0gmt2k90jh7ryrybq157f404w92hdez28w4mevrq6tgcz7e41tv3c3smzra5777k74bjzy2ha5vtge3cjrfbt5e0vp8ewph9zd7sca78e9wfcaqfwt4s586sx9whbfmz1pnbefzdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gveb4pjasy65z0ecmjp43ym5np0f8yd650yy1f0wj2hvsb1xag033549f1bk8j05m56m9gs4bjb193j93zhaqjepk45sxq6vbtaf784hrja8e4sdesmmrgeex00hkcrv2fb8206vhsw45q9t47yer1xvs7w8nzm27dzx60pa9gqtcwnz6qr239fr4c8dpcznp562mrmghv2k5j6z8ke3rvahtbr9ksh88az7gt81g427atjyww6w5ggehy29mnjxq540stjfe68d7e4ydkexx9qypc6sqv3zra7azyxgsmn0gmt2k90jh7ryrybq157f404w92hdez28w4mevrq6tgcz7e41tv3c3smzra5777k74bjzy2ha5vtge3cjrfbt5e0vp8ewph9zd7sca78e9wfcaqfwt4s586sx9whbfmz1pnbefzdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695192
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c23530c5ab483b4-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 5B50 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gveb4pjasy65z0ecmjp43ym5np0f8yd650yy1f0wj2hvsb1xag033549f1bk8j05m56m9gs4bjb193j93zhaqjepk45sxq6vbtaf784hrja8e4sdesmmrgeex00hkcrv2fb8206vhsw45q9t47yer1xvs7w8nzm27dzx60pa9gqtcwnz6qr239fr4c8dpcznp562mrmghv2k5j6z8ke3rvahtbr9ksh88az7gt81g427atjyww6w5ggehy29mnjxq540stjfe68d7e4ydkexx9qypc6sqv3zra7azyxgsmn0gmt2k90jh7ryrybq157f404w92hdez28w4mevrq6tgcz7e41tv3c3smzra5777k74bjzy2ha5vtge3cjrfbt5e0vp8ewph9zd7sca78e9wfcaqfwt4s586sx9whbfmz1pnbefzdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9348
x-guploader-uploadid
ADPycdtXvXkNTikigjdIbYNhxiQLD-4AZAv9bzOL91Gi0Vasqu-NthMEIEUtuuiuVaKDT9UyXdL8EGeHFPeRkpk5qsfqo-CjnA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LK4aFnWTchfW2PUNnyAgUCvFVpTOgh6WTPX9zR6oMw1vxhDWf6N0KOYWlJwHBgE8z3D%2BuUz6hDM9hVuM6XJNoGkniUp3PzLfMOpbP5%2FtFZeHPwiv1DM5Cn1Hi8PcjuH%2FTOZz6uE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c23530c6abd83b4-MXP
expires
Thu, 23 Dec 2021 14:55:47 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 9CBB 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gh7sbw49cdt078yg6x9b1wxwvxvm608w7mhb8t6ex9wq8c98p51p20t0xn77qwy0wt13bqg5zsrr7s0t09pf7v2av08zr1x89z7hkbmyae704mta1xz1tgmyqshzfsrtrrc5g4pw4kyxnm3dx2wee16vcpqm3fp74jxxm4x45qh4gvwa2r11j8wp3fh7k1d7415fqjqvx6v710wcnrr0vacn2r1709ccjbgmn7g81dc0f4wee69v56q0fzq4eybgnwmtgptphdp94qxyqcfz1magyb136v6jkmps5ztb6wxbjysgrqwwcfy66j10jgsh0k8kzaws678epksewnmmpqkz47v7faj2w16j9cn8pbeh6rvdyefggjm3gwcxqvevyw3t36xdaaa4tj7c8qkxeb1qd6qaxv078tacw63gvxpst6e3p96c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gh7sbw49cdt078yg6x9b1wxwvxvm608w7mhb8t6ex9wq8c98p51p20t0xn77qwy0wt13bqg5zsrr7s0t09pf7v2av08zr1x89z7hkbmyae704mta1xz1tgmyqshzfsrtrrc5g4pw4kyxnm3dx2wee16vcpqm3fp74jxxm4x45qh4gvwa2r11j8wp3fh7k1d7415fqjqvx6v710wcnrr0vacn2r1709ccjbgmn7g81dc0f4wee69v56q0fzq4eybgnwmtgptphdp94qxyqcfz1magyb136v6jkmps5ztb6wxbjysgrqwwcfy66j10jgsh0k8kzaws678epksewnmmpqkz47v7faj2w16j9cn8pbeh6rvdyefggjm3gwcxqvevyw3t36xdaaa4tj7c8qkxeb1qd6qaxv078tacw63gvxpst6e3p96c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695192
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c23530c6abf83b4-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 9CBB 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gh7sbw49cdt078yg6x9b1wxwvxvm608w7mhb8t6ex9wq8c98p51p20t0xn77qwy0wt13bqg5zsrr7s0t09pf7v2av08zr1x89z7hkbmyae704mta1xz1tgmyqshzfsrtrrc5g4pw4kyxnm3dx2wee16vcpqm3fp74jxxm4x45qh4gvwa2r11j8wp3fh7k1d7415fqjqvx6v710wcnrr0vacn2r1709ccjbgmn7g81dc0f4wee69v56q0fzq4eybgnwmtgptphdp94qxyqcfz1magyb136v6jkmps5ztb6wxbjysgrqwwcfy66j10jgsh0k8kzaws678epksewnmmpqkz47v7faj2w16j9cn8pbeh6rvdyefggjm3gwcxqvevyw3t36xdaaa4tj7c8qkxeb1qd6qaxv078tacw63gvxpst6e3p96c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9348
x-guploader-uploadid
ADPycdtXvXkNTikigjdIbYNhxiQLD-4AZAv9bzOL91Gi0Vasqu-NthMEIEUtuuiuVaKDT9UyXdL8EGeHFPeRkpk5qsfqo-CjnA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnnUerbIUm1uXJa%2FIItuWwxs3gQ%2FVBbLFB2R38ik1zJmTDDQQ0rk4zM0NVjE%2BuB06t18idANeOvOb1CHkf20tvAFQvvP9HJ39Jye5XpsE70ftbQo04wRzc6UO076V8zGGeiCdp8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c23530c6ac183b4-MXP
expires
Thu, 23 Dec 2021 14:55:47 GMT
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:43:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:35 GMT
css
fonts.googleapis.com/ 		3 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:13:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:35 GMT
truncated
/ Frame 074F 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e291ed40643750d88bbbf8739b9ebfecc7acb5103731bb0fb1710947fff724a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
if
a4p.adpartner.pro/tracker/ Frame 418E 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2257fd3843-b9bf-43a7-b337-c737b13fb832%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2256c97c97-a492-451c-8a3a-992fd590f33d%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b233dcba-9496-48e4-8ec9-c29bf0dab1a6%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:35 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 28B9 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2257fd3843-b9bf-43a7-b337-c737b13fb832%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2256c97c97-a492-451c-8a3a-992fd590f33d%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b233dcba-9496-48e4-8ec9-c29bf0dab1a6%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:35 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8F4E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:35 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8F4E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:35 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8F4E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 18 Dec 2022 17:31:35 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 8F4E 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 18 Dec 2022 17:31:35 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 8F4E 		43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ymocUTqIuRg9IBP6gwNPNSoSd0Wree9nQK0NRr2gmtTZO2cwwYX1yU3sXGUZ0NnyaEHbha-pC9Ke1i6UI1D-ptkHkN0Y5aHABb2axqCi_vWs5lVdTMGYUeGFESYz9rPwxLR7Gdu1cnOAX-TqWJzuqkRByIiVM6zgHsniU_aUrHOY9YU9c_eyaXo0m2ihnJkUCbW7pbxv5sJSrfSR2832ztd0q7KBNhTmGlh7kkiG_6vLwfnXwaHNwKyBCIZb1W_aFsCchgiFui4RjJA27-MFMeN2HG1rVA9Res3j6VeEy3Aw387Kbi4htUbbhaZ58Bl1-BrYnpsbY8714nXQA7NtpFjar3PlvpWM0eDRR81xg_t8mzwaG3Ji39IZ8Vfrmc-xKBEjxWVBqVG4Xi876VKAL7UtUMRN019UFBxvknaO8hqc_TYGhej5ZlV3X-Awjfi0oji48A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5869
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
1564374.jpeg
img.adpartner.pro/1564/ Frame 8372 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/1564/1564374.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
e8e57e40e378e737e9282a9277113181f7732e6e318191b730f96cd98ba59d5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Wed, 17 Mar 2021 06:54:51 GMT
server
nginx
etag
"6051a7bb-da29"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
55849
1576063.jpeg
img.adpartner.pro/1576/ Frame 8372 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/1576/1576063.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
3e98125694d9931deddc26813896339026c50c64573e32a896c6e2ae6d8d4db0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Thu, 25 Mar 2021 10:25:48 GMT
server
nginx
etag
"605c652c-b9d0"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
47568
1700972.jpeg
img.adpartner.pro/1700/ Frame 8372 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/1700/1700972.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
3c6026f564d0353e7a94d94a6b91a3e19c127b4170fb46da20056845fd9c36ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
last-modified
Sat, 26 Jun 2021 21:27:57 GMT
server
nginx
etag
"60d79bdd-d074"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
53364
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8372 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 01:54:06 GMT
x-content-type-options
nosniff
age
142649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 01:54:06 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8372 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 12:42:17 GMT
x-content-type-options
nosniff
age
449358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 18 Dec 2022 12:42:17 GMT
/
ppvesdfiojol.com/ 		17 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
5ba9d72a3a2306becbc032d8d2777fa548e0c090e5261785922ce65e09ad0008

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
412999200:9
expires
Thu, 19 Nov 1981 08:52:00 GMT
internal
dmpprof.com/matching/ 		142 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=10&href=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&title=%D0%A8%D0%BC%D1%8B%D0%B3%D0%B0%D0%BB%D1%8C%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%D1%80%D0%B0%D0%B7%D1%80%D0%B5%D1%88%D0%B0%D1%82%20%D0%B2%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%B4%D0%BE%D0%B7%D1%8B%20%D0%B2%D0%B0%D0%BA%D1%86%D0%B8%D0%BD%D1%8B%20%D0%BE%D1%82%20COVID-19%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&dmp_print_id=75f67d020a6c2c4561d1ca4670345b0a
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
04300bcea7f70d5d71255ce0ec0d8f66c4c69aa81c3552087e56bb7cdd47d4f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
142
request.php
hal900010.redintelligence.net/ Frame 7724 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=4edaf566b5&subid=&uid=d23046d422696588&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2776319046684593757%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D88d861c4-b277-4d01-b53f-03426797a169%26mt_cid%3D88d861c4-b277-4d01-b53f-03426797a169%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzAYPdrLEYei4Js7ziQOA_bbgBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBLICT9Cjq5eVmsBqkLa9YgCAZHyFGu-5QlRFMcR02tuV1S1gggeeLdTpd8C2XLJNScqlJLo5FCk8smGqsfSAoZiQLRnJNzQogAAKMBYIO42-T687srda44plbAcxbU7WCrfSXMUZruhQsv8Izqzf8lEJMr04wHC8vO7mDkXRmDro1qjdlNWvzsSymFyRizZypCpywKc0xRqxAj2GCPVVeDSmWg9gkRgHXvXtxWCxFRSKGwwcauErdVlyvBRDrGwu4H50CS9p5D1fY90ckLx0ZBZD12VKGTpMkVFzbuPcbB4SXIuILdEpXyEM4YYmSQPy17jzAKmL7VhJIvftuGNk4GIGplSV4PxiNDK492G87g60R56-z2gXmX7rE2gG2UElwVucFdexp8JC20iJszopb1wAjTgEgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ikakEvrhigDQGKKqHhc_hBlYqSQ%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5994697028380609%26output%3Dhtml%26h%3D250%26slotname%3D3705784778%26adk%3D723310274%26adf%3D1408470707%26pi%3Dt.ma~as.3705784778%26w%3D300%26lmt%3D1640280694%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fnewsyou.info%252FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19%26flash%3D0%26alternate_ad_url%3Dhttps%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-sidebar-2.php%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1640280693865%26bpp%3D1%26bdt%3D647%26idt%3D659%26shv%3Dr20211207%26mjsv%3Dm202112060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D7f04637ef6abf9bf-2286f6410dcd00d5%253AT%253D1640280694%253ART%253D1640280694%253AS%253DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg%26prev_fmts%3D0x0%252C580x280%252C610x379%252C610x420%252C610x379%252C300x250%26nras%3D1%26correlator%3D3655874803963%26frm%3D20%26pv%3D1%26ga_vid%3D590106492.1640280694%26ga_sid%3D1640280694%26ga_hid%3D760423118%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D805%26ady%3D1158%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%26oid%3D2%26pvsid%3D782908665950961%26pem%3D208%26tmod%3D920%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D7%26uci%3Da!7%26fsb%3D1%26xpc%3DFxcV6e5cpk%26p%3Dhttps%253A%2F%2Fnewsyou.info%26dtd%3D667&ancestorOrigins=null&random=2965989416439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=2776319046684593757&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2776319046684593757%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D88d861c4-b277-4d01-b53f-03426797a169%26mt_cid%3D88d861c4-b277-4d01-b53f-03426797a169%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzAYPdrLEYei4Js7ziQOA_bbgBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBLICT9Cjq5eVmsBqkLa9YgCAZHyFGu-5QlRFMcR02tuV1S1gggeeLdTpd8C2XLJNScqlJLo5FCk8smGqsfSAoZiQLRnJNzQogAAKMBYIO42-T687srda44plbAcxbU7WCrfSXMUZruhQsv8Izqzf8lEJMr04wHC8vO7mDkXRmDro1qjdlNWvzsSymFyRizZypCpywKc0xRqxAj2GCPVVeDSmWg9gkRgHXvXtxWCxFRSKGwwcauErdVlyvBRDrGwu4H50CS9p5D1fY90ckLx0ZBZD12VKGTpMkVFzbuPcbB4SXIuILdEpXyEM4YYmSQPy17jzAKmL7VhJIvftuGNk4GIGplSV4PxiNDK492G87g60R56-z2gXmX7rE2gG2UElwVucFdexp8JC20iJszopb1wAjTgEgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ikakEvrhigDQGKKqHhc_hBlYqSQ%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9bfebde0017c5419bdd355f8354c91dbb3277fb434984c88e477feec671f8e53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
75101400161994200951393011817010
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1265
Expires
Thu, 23 Dec 2021 17:31:36 +0100
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8963 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 23 Dec 2021 17:31:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1783010
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swHXjYIM%2Fzlh%2FRIEO2oNgYOHBlCGNMmDm0Su%2Fvb3hM2A7jYZR8urZrz4%2B6isqt%2BWNmqIQenLJKkQ61XgNt0I0w9S8VTZlXVH45xrOvwcFzBzUo3GXsteFtU%2Bb2WzoPTWHFQ7E18eOKPDxtu5lGcwngdy"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c23530e5b3d5a25-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
22aa77b6ad1bc3afc9376e096d20e441.jpeg
img.servestatic.net/300_300/2/2/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.servestatic.net/300_300/2/2/22aa77b6ad1bc3afc9376e096d20e441.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceaae9923dca5b17e98396a3ed20b875f581afe2aa92f7d01a01d03b393017c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110305
cf-polished
qual=85, origFmt=jpeg, origSize=23754
content-disposition
inline; filename="22aa77b6ad1bc3afc9376e096d20e441.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11574
last-modified
Wed, 22 Dec 2021 07:53:44 GMT
server
cloudflare
etag
"61c2d988-5cca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtpaW%2BO9juyv4kBo8qmU1Bl9v8bVVrhCo2dsuZphYZpHNaNqlPT%2BZVB9pVBIdpxoF%2Bn4cS2jSt3dsTKfston3qhAaADKKfGG0wt6jcuQvbwMrGrJbTCwXiaOK1wxMcq89wOMu%2ByaMZ%2BBBFUFkxdkjaU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Fri, 24 Dec 2021 10:53:11 GMT
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c23530e7e643754-MXP
cf-bgj
imgq:85,h2pri
truncated
/ Frame BF17 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70babc629aa0ea4fc0d01dd6ae705578853f3fd86c31c495fd561bde95bcb3ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5B50 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 23 Dec 2021 17:31:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1783010
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfIeGS7CmhirZAnIaOUASVAduquEGIQpfpHSu3DqcHUMnv%2BuLFxjVjMw9GM6ld2occb2kJE3qTuUoC4PElMXEyy7um2IJ%2BmA7K9QaiiWN7i%2BfXXnp7RMIh5MKumyApt9XaeM%2B4LbMYRvBAY9qecFQBwr"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c23530e5b465a25-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
c98c6380d742335-1640128877.jpg
ppvesdfiojol.com/upload/202112/a3d9695f1f880a6b/ Frame EFA9 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/a3d9695f1f880a6b/c98c6380d742335-1640128877.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ec7d3ddc302a1a34860837b9b1a6a18430872ef585c525b55df2ec708b90ced0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Tue, 21 Dec 2021 23:21:17 GMT
server
nginx
etag
"61c2616d-35d4"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
13780
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412999200:10
pixel
cm.g.doubleclick.net/ Frame 5706
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEIPBhq-E10mc-8gcKcfRfTo&google_cver=1&google_push=AYg5qPLkharvxrRbU4q0TIuNgzXpDRBCbv0Vnnks0CP5wzWUAWAGK5ivBb0zl2qCDAKMexE3-iyEJOrYs0o0IXvV5wkB4VoB7rxnw...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLkharvxrRbU4q0TIuNgzXpDRBCbv0Vnnks0CP5wzWUAWAGK5ivBb0zl2qCDAKMexE3-iyEJOrYs0o0IXvV5wkB4VoB7rxnwLoZUt__5RyOAHJrUGRXxk3JYm8_HqyM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLkharvxrRbU4q0TIuNgzXpDRBCbv0Vnnks0CP5wzWUAWAGK5ivBb0zl2qCDAKMexE3-iyEJOrYs0o0IXvV5wkB4VoB7rxnwLoZUt__5RyOAHJrUGRXxk3JYm8_HqyMMDXXGOhCxIGQ3FypOrjrxg&google_hm=Q0FFU0VJUEJocS1FMTBtYy04Z2NLY2ZSZlRv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:35 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLkharvxrRbU4q0TIuNgzXpDRBCbv0Vnnks0CP5wzWUAWAGK5ivBb0zl2qCDAKMexE3-iyEJOrYs0o0IXvV5wkB4VoB7rxnwLoZUt__5RyOAHJrUGRXxk3JYm8_HqyMMDXXGOhCxIGQ3FypOrjrxg&google_hm=Q0FFU0VJUEJocS1FMTBtYy04Z2NLY2ZSZlRv
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 5706 		42 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPI-cdW5Bi8u13ybVwGdrJ-I_JXJLWaPlfTRbr8EcsBp2Qo7cKJ2yJ6pGzYQLlIOjXZmxQetg1whGnwAHENk91FDLz5b6U6krH59x5Vjxh9sv_9pLrd_B-q9oFLj5lawYoObw7gnD-cGnMqNwYjvEq8&google_gid=CAESEHRkBXkDymHQICRI5a6zmrM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
dds
rtb.openx.net/sync/ Frame 5706 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEGzJfLRvdvsjFtFv8JdRzEk&google_cver=1&google_push=AYg5qPLz6VfAmLjAkiVNuBVJqk2uhiNtwjbfApJoXn5Xp-9uzvSu2iAM_yknFHfRRzn6DRnRfq_SATOMdgGVEJgtVDp5sf_861nj864O_09RhKaNvv3ONz505Pfby3IwZsbL8vtwXUhpkMFuslC8K2EZU6c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
nuua9tkcds3eet70cdn3usmkk6hpnb7n
pixel
cm.g.doubleclick.net/ Frame 5706
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cvYdbcXgQQeM9FFiNCmeVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cvYdbcXgQQeM9FFiNCmeVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIVcSnsKFUg2IHBIqyfeLcuNclyBk1h1tRmvhAl5FWgwpLivVuQSRmzxiSlaKETvryFe100oIBGKtDVWUwX2kaTaniD3LkqtxWo7cONfH4VqEPiHvjSRcJYeXtpQkKrvyAdx3vpBWmiNF656mRpHA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cvYdbcXgQQeM9FFiNCmeVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIVcSnsKFUg2IHBIqyfeLcuNclyBk1h1tRmvhAl5FWgwpLivVuQSRmzxiSlaKETvryFe100oIBGKtDVWUwX2kaTaniD3LkqtxWo7cONfH4VqEPiHvjSRcJYeXtpQkKrvyAdx3vpBWmiNF656mRpHA
date
Thu, 23 Dec 2021 17:31:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 5706
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEANRk5MyWUran6gSxu7nttw&google_cver=1&google_push=AYg5qPK2tkxftJzD5W0WJkzlJXjOhI7uADhO9GqoiEf0vSBrsJGt1D74bMOpT35ZLyZtjzaA6g9...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJYOEgtMTAtRjNCQQ==&google_push=AYg5qPK2tkxftJzD5W0WJkzlJXjOhI7uADhO9GqoiEf0vSBrsJGt1D74bMOpT35ZLyZtjzaA6g9K5xcPE9VkkpKLAMiZLZ0MO2fj1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJYOEgtMTAtRjNCQQ==&google_push=AYg5qPK2tkxftJzD5W0WJkzlJXjOhI7uADhO9GqoiEf0vSBrsJGt1D74bMOpT35ZLyZtjzaA6g9K5xcPE9VkkpKLAMiZLZ0MO2fj1EtBpYOe_oIWGmYk8BZDdnPDxhIIlh6dNWQn7Gp_HazlfurJtTy6h8w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJYOEgtMTAtRjNCQQ==&google_push=AYg5qPK2tkxftJzD5W0WJkzlJXjOhI7uADhO9GqoiEf0vSBrsJGt1D74bMOpT35ZLyZtjzaA6g9K5xcPE9VkkpKLAMiZLZ0MO2fj1EtBpYOe_oIWGmYk8BZDdnPDxhIIlh6dNWQn7Gp_HazlfurJtTy6h8w
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
trk
ag.innovid.com/ Frame 5706 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPBjYk-SAXRMmi_7qTfkNxw&google_cver=1&google_push=AYg5qPJQTp3lBfb2e5zx17RwAb_tx8ZreQaQD4KhSixjSFiPxyG8Q3ZolEJJ0HSx5-pRF1R9QwGU-9RvMpuistljCQimL169-FJFsAcec4Qux7deQoDHnp8bhQE0uaa-XvI-0T0t_EZ6VW88ih0NDCnwUBs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:445b:903:c624:a695:f9d2:6242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
dot.gif
googlecm.hit.gemius.pl/ Frame 5706
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHdBt5LPOI8P_UJZWts2dC4&google_cver=1&google_push=AYg5qPLrnEoe-tVGqGVFtyZv...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLrnEoe-tVGqGVFtyZvwPxHW_qQdtnitjJYfoWacwAk_ru2qYlPHyu7FX7FJibrYjI76GDcv_Ir7IEP1p5H7PZdn7-jAFpJ3EuF-rzUiXtCPlrt9BNTVE&googl...
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
43 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H2
Server
79.137.69.120 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm10.host.hit.gemius.pl
Software
GHC /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
image/gif
content-length
43
expires
Wed, 22 Dec 2021 17:31:36 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5706 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9REmBr-IBvDPAH241ck5ukp9wIopCsTyHmRlR0fiIwAjdykG1LNxlwgHSLpjbY73Vp99aXg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280694&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=724&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=TZGCFJIh1K&p=https%3A//newsyou.info&dtd=727
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 9FFC 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAJX00OQnpUb0-rXbEIDoWY&google_cver=1&google_push=AYg5qPK0UvDGNSSiv63IQ0GTJDcrmzgD09iOkQqyPHTaXn9LBkG5I0Je5mHOWg__k_hDFWNtczyN50MblLqgyPAHqkIXZG2uAwpxI4XJ5oBP5gAsYuRRFi9mWMLlw-XkIE5VeT7i3rzJhqbBf2_ves38gBc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9FFC
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEFGo_zWihbm6Tio7SIeNlHw&google_cver=1&google_push=AYg5qPIlgM7y7YMUhnVyQzd4tyUEjrwMnFoL90s5azcQSYk2XFdRMwo5_Pey4RMnHdlZmzirIOjnkRtmVRB9X7WuyorDBbVbco_i4...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIlgM7y7YMUhnVyQzd4tyUEjrwMnFoL90s5azcQSYk2XFdRMwo5_Pey4RMnHdlZmzirIOjnkRtmVRB9X7WuyorDBbVbco_i41sGuAsG38c4Iaag9f2PTtqqg3LqE0wE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIlgM7y7YMUhnVyQzd4tyUEjrwMnFoL90s5azcQSYk2XFdRMwo5_Pey4RMnHdlZmzirIOjnkRtmVRB9X7WuyorDBbVbco_i41sGuAsG38c4Iaag9f2PTtqqg3LqE0wE05nGfYM0zBvlO-6ldHifKg&google_hm=Q0FFU0VGR29feldpaGJtNlRpbzdTSWVObEh3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:35 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIlgM7y7YMUhnVyQzd4tyUEjrwMnFoL90s5azcQSYk2XFdRMwo5_Pey4RMnHdlZmzirIOjnkRtmVRB9X7WuyorDBbVbco_i41sGuAsG38c4Iaag9f2PTtqqg3LqE0wE05nGfYM0zBvlO-6ldHifKg&google_hm=Q0FFU0VGR29feldpaGJtNlRpbzdTSWVObEh3
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 9FFC 		42 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJ8GUbM2aHU6Wv305INetSON7_i2WmP3uIJ1_fvItIxnUBhWPWHzIfKCmwKzQzrjuYOhV7hIoeOyIHdyrC_IAzCFicDM4tUgTabMckuoHTt_L339OX2nh3jjuBgNh4TqFvn7h4JJdov9SQ3GFvjQ1c&google_gid=CAESELBtfkUXZash-cGmI3eQCSU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
pixel
cm.g.doubleclick.net/ Frame 9FFC
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLpzYI4...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLpzYI4...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzYwMDAxNjA2OTI3ODM4OA%3D%3D&google_push=AYg5qPLpzYI4YBgz5o6-R4e3SRMCZk_m-iYsXJ5htzsE3eqK8qkP8R7rOpGnD-tPC1hJzP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzYwMDAxNjA2OTI3ODM4OA%3D%3D&google_push=AYg5qPLpzYI4YBgz5o6-R4e3SRMCZk_m-iYsXJ5htzsE3eqK8qkP8R7rOpGnD-tPC1hJzPoo6TB7CVSwLY7BA8d-K1nfdULmO6WxsTHj437Z_NEkPVL7V8o2HyWxiTFerhBUZk07kyE6W5y4jo4lUvg8YMU
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzYwMDAxNjA2OTI3ODM4OA%3D%3D&google_push=AYg5qPLpzYI4YBgz5o6-R4e3SRMCZk_m-iYsXJ5htzsE3eqK8qkP8R7rOpGnD-tPC1hJzPoo6TB7CVSwLY7BA8d-K1nfdULmO6WxsTHj437Z_NEkPVL7V8o2HyWxiTFerhBUZk07kyE6W5y4jo4lUvg8YMU
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 23 Dec 2021 17:31:37 GMT
dds
rtb.openx.net/sync/ Frame 9FFC 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMMJccBpwqdwYljbkWzhnXk&google_cver=1&google_push=AYg5qPL_NgVdRT_Mz9_sAf9gPpdjv-g71Whhqj3XFsjDKCBbg5Na6hiJcVoj0fn77j1rOzI6TowEUN3PIann3cuBQq-DuT_AZfV3eW2ACKBulQbHUoGiO0x-Ov0TmpuR1FYhcDgrD1SAO8aimSqyZv9SIQw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:35 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
r3iethqh7e14io7910gd2k6973376o0v
pixel
cm.g.doubleclick.net/ Frame 9FFC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_w...
0
0
trk
ag.innovid.com/ Frame 9FFC 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEN3dNUEqYQIsc5cwfwDd5m8&google_cver=1&google_push=AYg5qPIj7q0WHl_qjC_sJ8Q7swxygdafCSgkfARcuJ-IsHl1lwxeVhOdOLhAack62FO3PZ6JMdiGhCFxs0nQS22UulvnHfTWCFRU_UzS2oYbVQOEzqf1m-hX6tJCfPV0gvxU8s2sjiTghwhb_aOv2HO7stA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:445b:903:c624:a695:f9d2:6242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 9FFC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J9SCqR-M5rwnISQBm7n4VdbZFAqN9XVQ-BPEKql5QVKZ2g4SE4QymY4eGo1L7xS0yM5spT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280694&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693866&bpp=1&bdt=649&idt=751&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=3703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=YCPqsIZPj3&p=https%3A//newsyou.info&dtd=756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8F4E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1801584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfBTuAvwVxKm6DeNwBNqYd4TM6Z9zCQta5F2seoIZklZW96Ag9prM3Ko3W2E2R5TPg62SeCkr9Hxqqw9XWgqqJQB9QxSdFXE3TZubFiC4u%2FXtt8uHIIl1wjMfX7SdX7QmhPEsAzXQTTI8GrqeTumg9el"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c23530e798205e9-FRA
x-cache-tag
abcd1234
expires
Tue, 13 Dec 2022 17:31:36 GMT
frame.html
ad4m.at/ Frame FA4D 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires
Thu, 23 Dec 2021 18:31:36 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
1783511
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Kat36SIhs%2FBfbAXmXFC82WcJTTMCnUqB9by3IwJB3qKa%2Bn1Sw0y5%2Bitd2e5mRR6BNblrjAPG3uUTJze6jqMe9J0S8uUHSwOuPpNCEHGsChhDILpX5VpoKKkjxylnWBQTo0rIz4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c23530e782583b4-MXP
content-encoding
br
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9CBB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 23 Dec 2021 17:31:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1783010
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOmzja1IasP%2B1PqSRhfP0mwL5ZNo6umJ%2Fgy9hU4Cmv6RDZYRPwDkuGCyWUPdZdQpuMe5ZtWLxH6ztW49gNFLiZTxotA3VyXnMNgrWIGHQ4Wimhqhj1i6hUKFQ1DQtk7EZOG57Di02Q0RCCl862eTXNsL"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c23530e7b975a25-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
frame.html
ad4m.at/ Frame 7EE2 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires
Thu, 23 Dec 2021 18:31:36 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
1783511
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOghqZm8M3t1eRYLQ6LrvLNNFqFY21GSR3AxrJtOG7KWUlUPDFCQ%2BVGreER4TRVf6trfHJGI6klTJg%2BirklSmRjpsoWtoGO9mqqDpAtxggLVNZoj1atWKsc%2FcEeMeGLGupUJvA0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c23530e885b83b4-MXP
content-encoding
br
enr
dmpprof.com/ 		2 B
352 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/enr?href=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&title=%D0%A8%D0%BC%D1%8B%D0%B3%D0%B0%D0%BB%D1%8C%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%D1%80%D0%B0%D0%B7%D1%80%D0%B5%D1%88%D0%B0%D1%82%20%D0%B2%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%B4%D0%BE%D0%B7%D1%8B%20%D0%B2%D0%B0%D0%BA%D1%86%D0%B8%D0%BD%D1%8B%20%D0%BE%D1%82%20COVID-19%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length
2
animejs.js
static.criteo.net/animejs/ Frame 8F4E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:36 GMT
img
pix.eu.criteo.net/img/ Frame 8F4E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=244&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=196&s=mhWwn-irkdD7mZLREJ1cecKL
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 09:00:01 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
635494
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=29218251
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
11345
expires
Sat, 19 Nov 2022 13:10:53 GMT
img
pix.eu.criteo.net/img/ Frame 8F4E 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=800&s=KoUUKAWq2H4WAfcVueGNhS0k&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5c6e1a83304838097545a1ef48c04d539f7c04d75d8b081fbe10618b0c1948b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 20:32:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
75532
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31530800
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
133074
expires
Thu, 22 Dec 2022 19:06:04 GMT
img
pix.eu.criteo.net/img/ Frame 8F4E 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1825361-_x600-nocrop.jpg&v=3&w=800&s=TQmRAb9uaZT4St1IviD0hQ1e&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
368f12a10a00c1967ab63087a3bc15beb8115628542bc5491a1574edbbaf02f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:05:48 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80746
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535905
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
136698
expires
Thu, 22 Dec 2022 19:04:15 GMT
img
pix.eu.criteo.net/img/ Frame 8F4E 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F2106968-_x600-nocrop.jpg&v=3&w=800&s=_YOYCGgMRQ6uxLyzw0rYdBO1&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b8d4a996cd3141d27eaf60e1705f6ce137cc85b836ee05f0bad4aecf7ee5a821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:13 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80841
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535995
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
120308
expires
Thu, 22 Dec 2022 19:04:09 GMT
img
pix.eu.criteo.net/img/ Frame 8F4E 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&v=3&w=800&s=LzlBB40wIezU9oSbleSOY3Pn&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0769a620ccba5a6119e7c4ac2c741513c0e5c20d1c13001caca6d838be89c8d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:08 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80846
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535999
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
141508
expires
Thu, 22 Dec 2022 19:04:08 GMT
all
csm.eu.criteo.net/ Frame 8F4E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=8xrCydua4j8TotWVoMUePRg7SQXHKEKkOOKCvmRasHzs7Qp7YUHjwRoVypdeQiLqF0CHod0zXv2R3houQZtOIGXhbde6Ca_beIVpPTUtpT3lqXMFJtluH6Zzf71FDyBxkjlUPo7LDdhJuPiu_2Xj9jQXjH7N04QCDvLcWKes6yJoz1eeRvQkiJIZbDNOba0AzFRFJ4E63DqO1wUxDWZvfczb86YWaBc6v9KvSAqRQAGEBDqBrxfeX8jSGv3fazUAQrVVRw&sds=2&rev=79924&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:35 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8F4E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:36 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8F4E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:36 GMT
frame.html
ad4m.at/ Frame 2033 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires
Thu, 23 Dec 2021 18:31:36 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
1783511
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqTOnMCci7BobGNtHBS8LSzBtVFMzBsNt9wyQ1N9EOVvpSjcVHnVsetUCeaKMsf%2Bw4pe5nioEegglcOtpJj8VXtA9pucDBchyztYY8m41H8cl3fyML%2FS2IkKtsgjf4u%2F9LPJ2Pk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c23530ee95083b4-MXP
content-encoding
br
si
googleads.g.doubleclick.net/pagead/drt/ Frame BCB2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280694&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693862&bpp=1&bdt=644&idt=474&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=x8D0CHDE5A&p=https%3A//newsyou.info&dtd=477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:36 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:36 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
m.mixadvert.com/show/load/ Frame DE7B 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=5709&id_name=iYNoE&teaser_name=GiFSQbl&block_name=jYTtNc&ban_teaser=&r=0.11899502072611301&host=newsyou.info&ref=https://newsyou.info/
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5709&r=0.6512519102926333
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
dc818d92e32209d5dd493a8bf45b2b9fc8c17507307495b4504fc8a49923d1c5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
/
m.mixadvert.com/show/load/ Frame EFA9 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=5709&id_name=tToGE&teaser_name=jkZZchR&block_name=TzqmRf&ban_teaser=&r=0.5475628323712529&host=newsyou.info&ref=https://newsyou.info/
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5709&r=0.6655095448000035
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
ebd2aca1b9ec793565b3ff3bf1a8e73280046d73c8676224e3381817e1f98d54
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
view.aspx
pb.media01.eu/ Frame 5F59
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=75101400161994200951393011817010&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75101400161994200951393011817010&actionid=731824&produktid=businessgiro&dt_url=
0
630 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75101400161994200951393011817010&actionid=731824&produktid=businessgiro&dt_url=
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=4edaf566b5&subid=&uid=d23046d422696588&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2776319046684593757%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D88d861c4-b277-4d01-b53f-03426797a169%26mt_cid%3D88d861c4-b277-4d01-b53f-03426797a169%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzAYPdrLEYei4Js7ziQOA_bbgBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBLICT9Cjq5eVmsBqkLa9YgCAZHyFGu-5QlRFMcR02tuV1S1gggeeLdTpd8C2XLJNScqlJLo5FCk8smGqsfSAoZiQLRnJNzQogAAKMBYIO42-T687srda44plbAcxbU7WCrfSXMUZruhQsv8Izqzf8lEJMr04wHC8vO7mDkXRmDro1qjdlNWvzsSymFyRizZypCpywKc0xRqxAj2GCPVVeDSmWg9gkRgHXvXtxWCxFRSKGwwcauErdVlyvBRDrGwu4H50CS9p5D1fY90ckLx0ZBZD12VKGTpMkVFzbuPcbB4SXIuILdEpXyEM4YYmSQPy17jzAKmL7VhJIvftuGNk4GIGplSV4PxiNDK492G87g60R56-z2gXmX7rE2gG2UElwVucFdexp8JC20iJszopb1wAjTgEgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ikakEvrhigDQGKKqHhc_hBlYqSQ%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5994697028380609%26output%3Dhtml%26h%3D250%26slotname%3D3705784778%26adk%3D723310274%26adf%3D1408470707%26pi%3Dt.ma~as.3705784778%26w%3D300%26lmt%3D1640280694%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fnewsyou.info%252FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19%26flash%3D0%26alternate_ad_url%3Dhttps%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-sidebar-2.php%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1640280693865%26bpp%3D1%26bdt%3D647%26idt%3D659%26shv%3Dr20211207%26mjsv%3Dm202112060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D7f04637ef6abf9bf-2286f6410dcd00d5%253AT%253D1640280694%253ART%253D1640280694%253AS%253DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg%26prev_fmts%3D0x0%252C580x280%252C610x379%252C610x420%252C610x379%252C300x250%26nras%3D1%26correlator%3D3655874803963%26frm%3D20%26pv%3D1%26ga_vid%3D590106492.1640280694%26ga_sid%3D1640280694%26ga_hid%3D760423118%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D805%26ady%3D1158%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%26oid%3D2%26pvsid%3D782908665950961%26pem%3D208%26tmod%3D920%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D7%26uci%3Da!7%26fsb%3D1%26xpc%3DFxcV6e5cpk%26p%3Dhttps%253A%2F%2Fnewsyou.info%26dtd%3D667&ancestorOrigins=null&random=2965989416439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Thu, 23 Dec 2021 06:31:35 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Thu, 23 Dec 2021 17:31:34 GMT
content-length
0

Redirect headers

Server
nginx/1.19.7
Date
Thu, 23 Dec 2021 17:31:36 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Keep-Alive
timeout=20
X-Powered-By
PHP/7.2.34
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials
true
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75101400161994200951393011817010&actionid=731824&produktid=businessgiro&dt_url=
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID
B9E817B5:EFE9_91EFC182:01BB_61C4B278_C771F2:297EA
X-IPLB-Instance
40028
Cache-control
private
link.html
track.webgains.com/ Frame 7724 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3392345&wgcampaignid=99582&viewref=75101400161994200951393011817010&js=1&nw=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
ff6a461b243e5cd8eeaee5cc411fa1e68351f11c387e3271928ee4fd6e55c8e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:36 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1239
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CPa7iuK5-vQCFUJxGwodYyQIFQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=207925076857.97546
8019191.fls.doubleclick.net/ Frame 0528
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=207925076857.97546?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPa7iuK5-vQCFUJxGwodYyQIFQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=207925076857.97546?
392 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPa7iuK5-vQCFUJxGwodYyQIFQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=207925076857.97546?
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
0f7a09758c87bf055b26c9f4c588f5357e3214be18019d43d531818369816e8b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 23 Dec 2021 17:31:36 GMT
expires
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
325
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 23 Dec 2021 17:31:36 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPa7iuK5-vQCFUJxGwodYyQIFQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=207925076857.97546?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900010.redintelligence.net/ Frame 687F 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request_content.php?s=75101400161994200951393011817010&a=1ac3d655
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=4edaf566b5&subid=&uid=d23046d422696588&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2776319046684593757%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D88d861c4-b277-4d01-b53f-03426797a169%26mt_cid%3D88d861c4-b277-4d01-b53f-03426797a169%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzAYPdrLEYei4Js7ziQOA_bbgBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBLICT9Cjq5eVmsBqkLa9YgCAZHyFGu-5QlRFMcR02tuV1S1gggeeLdTpd8C2XLJNScqlJLo5FCk8smGqsfSAoZiQLRnJNzQogAAKMBYIO42-T687srda44plbAcxbU7WCrfSXMUZruhQsv8Izqzf8lEJMr04wHC8vO7mDkXRmDro1qjdlNWvzsSymFyRizZypCpywKc0xRqxAj2GCPVVeDSmWg9gkRgHXvXtxWCxFRSKGwwcauErdVlyvBRDrGwu4H50CS9p5D1fY90ckLx0ZBZD12VKGTpMkVFzbuPcbB4SXIuILdEpXyEM4YYmSQPy17jzAKmL7VhJIvftuGNk4GIGplSV4PxiNDK492G87g60R56-z2gXmX7rE2gG2UElwVucFdexp8JC20iJszopb1wAjTgEgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ikakEvrhigDQGKKqHhc_hBlYqSQ%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5994697028380609%26output%3Dhtml%26h%3D250%26slotname%3D3705784778%26adk%3D723310274%26adf%3D1408470707%26pi%3Dt.ma~as.3705784778%26w%3D300%26lmt%3D1640280694%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fnewsyou.info%252FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19%26flash%3D0%26alternate_ad_url%3Dhttps%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-sidebar-2.php%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1640280693865%26bpp%3D1%26bdt%3D647%26idt%3D659%26shv%3Dr20211207%26mjsv%3Dm202112060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D7f04637ef6abf9bf-2286f6410dcd00d5%253AT%253D1640280694%253ART%253D1640280694%253AS%253DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg%26prev_fmts%3D0x0%252C580x280%252C610x379%252C610x420%252C610x379%252C300x250%26nras%3D1%26correlator%3D3655874803963%26frm%3D20%26pv%3D1%26ga_vid%3D590106492.1640280694%26ga_sid%3D1640280694%26ga_hid%3D760423118%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D805%26ady%3D1158%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%26oid%3D2%26pvsid%3D782908665950961%26pem%3D208%26tmod%3D920%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D7%26uci%3Da!7%26fsb%3D1%26xpc%3DFxcV6e5cpk%26p%3Dhttps%253A%2F%2Fnewsyou.info%26dtd%3D667&ancestorOrigins=null&random=2965989416439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3a2f41c9aa70062c58f679c2038f0adbdd2a6668d761ca698d2e1e4d41e9d840

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 23 Dec 2021 17:31:36 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2081
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 7724
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=75101400161994200951393011817010
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:36:26 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Server
nginx/1.19.7
X-IPLB-Request-ID
B9E817B5:F005_91EFC182:01BB_61C4B278_C77615:4417
X-Powered-By
PHP/7.2.34
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
https://ad-server.eu/wm/pb/native.png
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
cshow.php
www.awin1.com/ Frame 7724 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=75101400161994200951393011817010&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:36 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
demography
prodmp.ru/pclicks/ 		3 B
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks/demography?domain=newsyou.info
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.92.202 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
rav4ever.ru
Software
nginx /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 23 Dec 2021 17:31:36 GMT
access-control-allow-credentials
true
server
nginx
content-length
3
content-type
application/json
/
c.mgid.com/pv/ 		0
69 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1640280696207602888054&uniqId=09999&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fshmygal-rasskazal-kogda-v-ukraine-razreshat-vvedenie-busternoj-dozy-vakciny-ot-covid-19%20&lu=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&sessionId=61c4b278-122c0&pageView=1&pvid=17de8592590a24a2ea7&site=413933&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c23530f5900c29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ Frame 8F4E 		2 KB
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:44:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:36 GMT
css2
fonts.googleapis.com/ 		6 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap
Requested by
Host: vcmjf535tx.ru
URL: https://vcmjf535tx.ru/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 15:47:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:36 GMT
truncated
/ 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8dc66a646d00dcaa6a2204e194a8b209b9c5bbf6251b4f93b9824c62ab51317

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
d0361c3202ab9a6b.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/d0361c3202ab9a6b.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
f4fcea89d430967c0e79d7d860cdc150b8171e52f55b2455509535a9c7d5290a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 12:55:06 GMT
server
nginx/1.18.0
etag
"61c3202a-71c5"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
29125
d0361c32065b4e19.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/d0361c32065b4e19.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
82c3ed6ff4ab2a922e388aa0ae0894d86036393ebff63f2e7e74efa9f708cad5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 12:56:05 GMT
server
nginx/1.18.0
etag
"61c32065-7699"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
30361
truncated
/ 		526 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b267a4cc065aca882faaa89c18de0dbf47ed477b17aa66cb4e7b0a7ec0500de8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
d0361c31fee1b24a.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/d0361c31fee1b24a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
6804acce8caf4034e76ca17282755c64641e3d54ae4c7f6218d059d076cb9e22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 12:54:06 GMT
server
nginx/1.18.0
etag
"61c31fee-a2b1"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
41649
d0361b8fbc2a3862.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/d0361b8fbc2a3862.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
4af9d6205e6e709dfff2aed32006a5ad62a2c730b7e43d8a0968a718b69c75c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Tue, 14 Dec 2021 20:17:06 GMT
server
nginx/1.18.0
etag
"61b8fbc2-52eb"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
21227
d0b61c2d4070134f.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/c02fc2ca61cb439c9a52c9def803937d/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/c02fc2ca61cb439c9a52c9def803937d/d0b61c2d4070134f.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
8b61496a1ad0e557fdc39e4f6d8bedbf38aed4bfade3983372e751c17b9859f1

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 07:30:15 GMT
server
nginx/1.18.0
etag
"61c2d407-5eb7"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
24247
truncated
/ 		525 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e461f1fc8c8c579ce2cfd14d323e118b437217a5deedd3d7e59e0a9d7e944b1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		349 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bacf5d2cdcb9e75599240481a7a703be7aacb54e21cd79eca6f911e1654b546f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc17d109139a33b161c661f209fc503ee7fcf8f7ebbbf3aaf535ed0ab2b8cc89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 48D9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14724
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7724 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11e0e48a5c430b94f62759c5bacfa98795b8f6c5646e01c95b5b8f13f3e4e639

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame 8F4E 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 20:07:29 GMT
x-content-type-options
nosniff
age
163447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 20:07:29 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame 8F4E 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 03:56:06 GMT
x-content-type-options
nosniff
age
135330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 03:56:06 GMT
38170-438579-KGr.jpg
i.mixadvert.com/8174/38170/ Frame EFA9 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438579-KGr.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
321456ef8ddd049980ddcee8a96bc9892d8d17e8e0eee70221b1f756f09f000b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Tue, 30 Nov 2021 11:30:40 GMT
Server
nginx/1.12.1
ETag
"61a60b60-4b0f"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19215
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438578-259.jpg
i.mixadvert.com/8174/38170/ Frame EFA9 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438578-259.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
06f30235522cd456e8b6d72ee66ae4897d07afdf3df24cf30121714a793e2157
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Tue, 30 Nov 2021 11:29:43 GMT
Server
nginx/1.12.1
ETag
"61a60b27-5d4c"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23884
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438575-5yf.jpg
i.mixadvert.com/8174/38170/ Frame EFA9 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438575-5yf.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
5b185dd40d4ba895e3f8afae356188fdc6d199d58c0b8488c78017e1ab678807
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Tue, 30 Nov 2021 11:27:51 GMT
Server
nginx/1.12.1
ETag
"61a60ab7-62ef"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25327
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438575-5yf.jpg
i.mixadvert.com/8174/38170/ Frame DE7B 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438575-5yf.jpg
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/load/?id=5709&id_name=iYNoE&teaser_name=GiFSQbl&block_name=jYTtNc&ban_teaser=&r=0.11899502072611301&host=newsyou.info&ref=https://newsyou.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
5b185dd40d4ba895e3f8afae356188fdc6d199d58c0b8488c78017e1ab678807
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Tue, 30 Nov 2021 11:27:51 GMT
Server
nginx/1.12.1
ETag
"61a60ab7-62ef"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25327
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438579-KGr.jpg
i.mixadvert.com/8174/38170/ Frame DE7B 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438579-KGr.jpg
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/load/?id=5709&id_name=iYNoE&teaser_name=GiFSQbl&block_name=jYTtNc&ban_teaser=&r=0.11899502072611301&host=newsyou.info&ref=https://newsyou.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
321456ef8ddd049980ddcee8a96bc9892d8d17e8e0eee70221b1f756f09f000b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Tue, 30 Nov 2021 11:30:40 GMT
Server
nginx/1.12.1
ETag
"61a60b60-4b0f"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19215
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438578-259.jpg
i.mixadvert.com/8174/38170/ Frame DE7B 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438578-259.jpg
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/load/?id=5709&id_name=iYNoE&teaser_name=GiFSQbl&block_name=jYTtNc&ban_teaser=&r=0.11899502072611301&host=newsyou.info&ref=https://newsyou.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
06f30235522cd456e8b6d72ee66ae4897d07afdf3df24cf30121714a793e2157
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Tue, 30 Nov 2021 11:29:43 GMT
Server
nginx/1.12.1
ETag
"61a60b27-5d4c"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23884
Expires
Thu, 31 Dec 2037 23:55:55 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
br
cf-cache-status
HIT
age
5357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6c2353132ee5c29a-FRA
expires
Fri, 24 Dec 2021 17:31:36 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
br
cf-cache-status
HIT
age
5378
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6c23531348d36916-FRA
expires
Fri, 24 Dec 2021 17:31:36 GMT
block_head.png
mixadvert.com/images/logo/ Frame EFA9 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/images/logo/block_head.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.site.badvps.com
Software
nginx/1.12.1 /
Resource Hash
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Fri, 17 Jul 2020 13:11:36 GMT
Server
nginx/1.12.1
ETag
"5f11a388-53bf"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21439
block_head.png
mixadvert.com/images/logo/ Frame DE7B 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/images/logo/block_head.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.site.badvps.com
Software
nginx/1.12.1 /
Resource Hash
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Fri, 17 Jul 2020 13:11:36 GMT
Server
nginx/1.12.1
ETag
"5f11a388-53bf"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21439
mapping
dprof.site/matching/ 		17 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dprof.site/matching/mapping?uid=0b396c07-268e-4eb9-bfd9-c524f8529fe4
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
17
activeview
pagead2.googlesyndication.com/pcs/ Frame 9265 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3rv0QfWw53bugppHMTIQYuG8kUHBGTP7hMQq23wgAf6tcBYv4rWhSCwXFJWKtB1xWTtbSJLz8ae5y5unXxCS8Nw&sig=Cg0ArKJSzHip9-L9e493EAE&cid=CAASF-RoecFTIvn9TQbcschr2o_KUlxyyPfx&id=lidar2&mcvt=1306&p=0,0,250,300&mtos=1306,1306,1306,1306,1306&tos=1306,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=895116589&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640280694422&rpt=989&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
servicer.mgid.com/1122348/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1122348/1?pv=5&cbuster=164028069674936454044&uniqId=09999&niet=4g&nisd=false&jsv=es6&w=610&h=203&p3_w=197&p3_h=183&maxw_3=197&maxh_3=183&cols=3&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fshmygal-rasskazal-kogda-v-ukraine-razreshat-vvedenie-busternoj-dozy-vakciny-ot-covid-19%20&lu=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&sessionId=61c4b278-122c0&pageView=1&pvid=17de8592590a24a2ea7&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236243c905396b497287c2eecea91eee817997f903a12b28c84e047616346cfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c2353134f25c29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/1024868/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1024868/1?w=300&h=496&cols=1&pv=5&cbuster=1640280696750717549110&uniqId=0a764&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fshmygal-rasskazal-kogda-v-ukraine-razreshat-vvedenie-busternoj-dozy-vakciny-ot-covid-19%20&lu=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&sessionId=61c4b278-122c0&pageView=0&pvid=17de8592590a24a2ea7&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bd9a9b7c90289f6dbb870b609765d8a5a8bec9b5150f7b866f47f63c7cd1cbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c23531399b86916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/1146775/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1146775/1?w=610&h=123&wrongImageSize=1&p3_w=197&p3_h=93&maxw_3=197&maxh_3=93&cols=3&pv=5&cbuster=1640280696752688657316&uniqId=06868&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fshmygal-rasskazal-kogda-v-ukraine-razreshat-vvedenie-busternoj-dozy-vakciny-ot-covid-19%20&lu=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&sessionId=61c4b278-122c0&pageView=0&pvid=17de8592590a24a2ea7&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c20ebe7f71ab5d3576cda01715364f9c8ee295cf56251837aa794ce2e21bed5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c23531399b96916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
enr
dmpprof.com/ 		2 B
352 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/enr?href=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&title=%D0%A8%D0%BC%D1%8B%D0%B3%D0%B0%D0%BB%D1%8C%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%D1%80%D0%B0%D0%B7%D1%80%D0%B5%D1%88%D0%B0%D1%82%20%D0%B2%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B1%D1%83%D1%81%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D0%B4%D0%BE%D0%B7%D1%8B%20%D0%B2%D0%B0%D0%BA%D1%86%D0%B8%D0%BD%D1%8B%20%D0%BE%D1%82%20COVID-19%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length
2
rs
ad4m.at/ Frame 8963 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0420356b719515bc78a170da39949be8b906e66ad95c7a99b1d921787801802b

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c2353137c4a3743-MXP
date
Thu, 23 Dec 2021 17:31:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKD9YuQJ7PT5m4DVhY4EQayzS60wvcKb%2B1VltC3PoMOsusnEzjMMFYVe8weZ7y4T20HmTYKeLl6cXOhYhpqggzeMupRz%2BoqqcNTYuWuX0wYjeMaP3y2BSNfRAfhaMpWVgXj8uHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-nb24
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-nb24
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmPcP1VlYFaX%2B4Qv8zcIRa3bMmTOQXCM%2Fn8i8yOCK%2BJJkD9QKi9Z%2FZCpB1KMAqmlAU%2Bt%2BB1EFYcBtJNPq0VGl6gQ4UadHjVFbATD0cVqSq34U9Lrwl2rmtJfXNgFNVY5WRuoZBM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c2353132b833743-MXP
rs
ad4m.at/ Frame 5B50 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd46c5ca19a18ec6504ec8c7e9ecb27845853792245840b4dd98dca12f58d10

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c2353137c463743-MXP
date
Thu, 23 Dec 2021 17:31:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsVekeIwgB4az5dQrPF4fkt7nGLotSyqhWbdvcQRlVIfoT0bK6j8UdrDlHaNFqe0ligI%2F4pOh55ejMl1lGWSzTdEfPTVhX6NLPTN8pTC5w51skbSLZkS4eiPMfQ4zsgpMomaDzw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-nb24
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-nb24
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZ7yI6v83adVPExvlUFcVOzVJ%2FG0dUiyRj%2B0hxOch%2F3K1aVHoZeESdYcoeQmGygnYMsaQ%2BG6gzuEN%2BZAcfywdjDJ8EziYFTCIiqHZFYEmGntt%2BVWUsS8X85nc%2Bl8t2FtH3%2BlmzA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c2353132b863743-MXP
view.php
ppvesdfiojol.com/ 		2 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/view.php
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
412999200:11
expires
Thu, 19 Nov 1981 08:52:00 GMT
css
fonts.googleapis.com/ Frame 687F 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=75101400161994200951393011817010&a=1ac3d655
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:29:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:36 GMT
/
hal9000.redintelligence.net/scale/ Frame 687F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=75101400161994200951393011817010&a=1ac3d655
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
847da1bce1ce13aff703a5924ccec21251bc5310a3904d57f5dcc1b8300726c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16464
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 687F 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=75101400161994200951393011817010&a=1ac3d655
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
208072788ec5d30485f0dffebe5d452db27745a9395d1eccb9af4fceeb293ad1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16858
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 687F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52085/creativesup/affiliate-panini-familienzeit-banner-1200x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=75101400161994200951393011817010&a=1ac3d655
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
569e1ba04a98aca294d4d0a2b67e92de6cb19c2e4ab1dbf0c29330ad2de9f913

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16145
Vary
Accept-Encoding
Content-Type
image/png
dc_pre=CPa7iuK5-vQCFUJxGwodYyQIFQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=207925076857.97546
adservice.google.com/ddm/fls/z/ Frame 0528 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPa7iuK5-vQCFUJxGwodYyQIFQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=207925076857.97546
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPa7iuK5-vQCFUJxGwodYyQIFQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=207925076857.97546?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BF17 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvugl9r-jWZB2BiD4lF9VXOtdKNZvhyCK8YC95XRIQLsBZXQdGILHrjyBcqMnJ4Zly2LCfdt20VQ6fGT0-fwLawXw&sig=Cg0ArKJSzFHEWHYeAUjpEAE&id=lidar2&mcvt=1004&p=0,0,124,1005&mtos=601,1004,1004,1004,1004&tos=601,403,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640280694918&rpt=852&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 48D9
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIDzx0oQL0lq7weq_bRgluc&google_cver=1&google_push=AYg5qPJJqGnAcpDqnhyYE1WwdidvYv4s5fog9kah2TjPo9KnM0JXHp55LM...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJJqGnAcpDqnhyYE1WwdidvYv4s5fog9kah2TjPo9KnM0JXHp55LMEapCA0mKtQ_CrY6UillmWV24V5GRyM_vMkFlz1CA9SECHyZhNrHEBE7lS5P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJJqGnAcpDqnhyYE1WwdidvYv4s5fog9kah2TjPo9KnM0JXHp55LMEapCA0mKtQ_CrY6UillmWV24V5GRyM_vMkFlz1CA9SECHyZhNrHEBE7lS5PWqaFSe841NooKeeWgYfB2yNwBtrdXJA9ehOdZQ&google_hm=MkqhmvUEoC7iP-31GCTFyg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJJqGnAcpDqnhyYE1WwdidvYv4s5fog9kah2TjPo9KnM0JXHp55LMEapCA0mKtQ_CrY6UillmWV24V5GRyM_vMkFlz1CA9SECHyZhNrHEBE7lS5PWqaFSe841NooKeeWgYfB2yNwBtrdXJA9ehOdZQ&google_hm=MkqhmvUEoC7iP-31GCTFyg
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 48D9
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEDZXUXXuWg39cse0YWRZXk0&google_cver=1&google_push=AYg5qPIQVmK80m49CwEFGJrC5sk3c2f_7FmxCSTlj06k2fT9Nt42B6JIDNNLFE52GLO85XpytOdkcxomfggen_LBBtSifPw-DlyZ7...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIQVmK80m49CwEFGJrC5sk3c2f_7FmxCSTlj06k2fT9Nt42B6JIDNNLFE52GLO85XpytOdkcxomfggen_LBBtSifPw-DlyZ7oVByJFTjNxWsGB5eYH0IOTLbo9OukuF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIQVmK80m49CwEFGJrC5sk3c2f_7FmxCSTlj06k2fT9Nt42B6JIDNNLFE52GLO85XpytOdkcxomfggen_LBBtSifPw-DlyZ7oVByJFTjNxWsGB5eYH0IOTLbo9OukuFcPacNsSD5p68w1-tkln6-Q&google_hm=Q0FFU0VEWlhVWFh1V2czOWNzZTBZV1JaWGsw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:35 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIQVmK80m49CwEFGJrC5sk3c2f_7FmxCSTlj06k2fT9Nt42B6JIDNNLFE52GLO85XpytOdkcxomfggen_LBBtSifPw-DlyZ7oVByJFTjNxWsGB5eYH0IOTLbo9OukuFcPacNsSD5p68w1-tkln6-Q&google_hm=Q0FFU0VEWlhVWFh1V2czOWNzZTBZV1JaWGsw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 48D9 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEIU61wyOGRHxA-0LUMF-u4w&google_cver=1&google_push=AYg5qPIQ1UttwYvkEo60pvS1hJcr3ncFdYK1nKC_to5ukLVRIhi2rl7uT7_2ptbqm4xb-JcJQaLh2QIWnJn5YJrrcNeu2zgLL06pfDNwKU7jooF4cByDCMhAAtiU8XmwJLG7c2o5drojs4AjAiztrnU-Cw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
snra259n491eu9ts5gopipfb4sadn32u
pixel
cm.g.doubleclick.net/ Frame 48D9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cvYdbcXgQQeM9FFiNCmeVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cvYdbcXgQQeM9FFiNCmeVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL5mp2JqrIqHmCb_jTCUF6SjV3LrnHB4q0rjPrK5ZWCB1SRTt0O3PzB-AcoXnzKUtN8InqzxH8QC4Uv2apWfOnLC9J2llCoeB0MRj64oFeYmCUSWzc-JBzQucfpQhTJR1SDEqJef77d1g9K_znwbGk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cvYdbcXgQQeM9FFiNCmeVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL5mp2JqrIqHmCb_jTCUF6SjV3LrnHB4q0rjPrK5ZWCB1SRTt0O3PzB-AcoXnzKUtN8InqzxH8QC4Uv2apWfOnLC9J2llCoeB0MRj64oFeYmCUSWzc-JBzQucfpQhTJR1SDEqJef77d1g9K_znwbGk
date
Thu, 23 Dec 2021 17:31:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 48D9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENjLpJ_UoXt3Du_F4_2jWhs&google_cver=1&google_push=AYg5qPLWhfz9WeWfxON1IBRlNHxoUy4Ne0A8g8Do8X0uzMvXFqD0xt_WP4_neDUfMBggZuHwDSk...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJYVFEtRC1IUTY3&google_push=AYg5qPLWhfz9WeWfxON1IBRlNHxoUy4Ne0A8g8Do8X0uzMvXFqD0xt_WP4_neDUfMBggZuHwDSk2AHyclBnG77LOpKWEz84uXq_qRkuc7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJYVFEtRC1IUTY3&google_push=AYg5qPLWhfz9WeWfxON1IBRlNHxoUy4Ne0A8g8Do8X0uzMvXFqD0xt_WP4_neDUfMBggZuHwDSk2AHyclBnG77LOpKWEz84uXq_qRkuc7F8Jt_HfuSy4T3yH0VSbjMJ-iXecP6NWPUuU3wD9ji5CFxvNOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJYVFEtRC1IUTY3&google_push=AYg5qPLWhfz9WeWfxON1IBRlNHxoUy4Ne0A8g8Do8X0uzMvXFqD0xt_WP4_neDUfMBggZuHwDSk2AHyclBnG77LOpKWEz84uXq_qRkuc7F8Jt_HfuSy4T3yH0VSbjMJ-iXecP6NWPUuU3wD9ji5CFxvNOg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 48D9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpK...
0
0
pixel
cm.g.doubleclick.net/ Frame 48D9
Redirect Chain
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEEBP5h-61MwE6nw_w-NDeBQ&google_cver=1&google_push=AYg5qPLmlIvxBwiKfisxopBk7DFG9kyVSDjhxtH8tCJ3F68k8e_DtfVk0yd_nVA-EdYQ7oVD_1OrtCoEEPkZbKakfCkQ-dq...
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLmlIvxBwiKfisxopBk7DFG9kyVSDjhxtH8tCJ3F68k8e_DtfVk0yd_nVA-EdYQ7oVD_1OrtCoEEPkZbKakfCkQ-dqUwnnBRGFLvWdBQGcG00n5aN4RW2ioy7X...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLmlIvxBwiKfisxopBk7DFG9kyVSDjhxtH8tCJ3F68k8e_DtfVk0yd_nVA-EdYQ7oVD_1OrtCoEEPkZbKakfCkQ-dqUwnnBRGFLvWdBQGcG00n5aN4RW2ioy7XWk3i63Eg2KBvaYdQJelqhWqZlpAE&google_hm=l3_05KldTmCNyomlpBhF2g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLmlIvxBwiKfisxopBk7DFG9kyVSDjhxtH8tCJ3F68k8e_DtfVk0yd_nVA-EdYQ7oVD_1OrtCoEEPkZbKakfCkQ-dqUwnnBRGFLvWdBQGcG00n5aN4RW2ioy7XWk3i63Eg2KBvaYdQJelqhWqZlpAE&google_hm=l3_05KldTmCNyomlpBhF2g
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-cache
content-length
0
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 48D9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILsNx06xC63XV_mzMLctUiMlCVSErmF9nTQUrSomEjntnyO9uhgUJi9Ymj4sbEjMP3utxO
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
viewability
hal900010.redintelligence.net/ Frame 687F 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/viewability?s=75101400161994200951393011817010&a=19fcb998&vb=m
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=75101400161994200951393011817010&a=1ac3d655
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=75101400161994200951393011817010&a=1ac3d655
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 687F 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 20:17:49 GMT
x-content-type-options
nosniff
age
162827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 20:17:49 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 687F 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 11:22:37 GMT
x-content-type-options
nosniff
age
108539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 11:22:37 GMT
rs
ad4m.at/ Frame 9CBB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0ccb863254d37fdaf0820eec7dd45e2d2aa686332f02231185b1b62973c3bab

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c235313ac9c3743-MXP
date
Thu, 23 Dec 2021 17:31:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrUXohnVD2k6sVNpQzNblikoVtOFxz1jTrQn4I1OYYhZ2ubzup6cqFqnIofDdrIqAwMgQtgjYHR6l1cTGPU91SZJVE7JautSTYyH0DLJtOGgg%2BCkMp9%2FLC8eDX6rH1zwbqhZmUI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-nb24
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-nb24
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pf0aOe8HucoHQQjxIX7MKpsCz9%2BotLM8Q19R8DDUeqgg9lhPV4smKeU76QZrZGwbyzbDD7O6nzBhZaH3qT08g49cbIUm2INYW8TQLDrlIliecFBna9SQMTxcpgkedjeknWp5NjQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c2353134bdb3743-MXP
pvClk.min.js
analytics.webgains.io/ Frame 7724 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3392345&wgcampaignid=99582&viewref=75101400161994200951393011817010&js=1&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
24092
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 10:50:05 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
fyXZJr7_4xMm09vPciEq_aXzZT3dIZpZikCPh6jyHEvx84pHzzSVTw==
link.html
track.webgains.com/ Frame 7724 		160 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=49598800130587100710772011817016&wglinkid=3392345
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280694&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280693865&bpp=1&bdt=647&idt=659&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f04637ef6abf9bf-2286f6410dcd00d5%3AT%3D1640280694%3ART%3D1640280694%3AS%3DALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3655874803963&frm=20&pv=1&ga_vid=590106492.1640280694&ga_sid=1640280694&ga_hid=760423118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=782908665950961&pem=208&tmod=920&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FxcV6e5cpk&p=https%3A//newsyou.info&dtd=667
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:36 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/jpeg
Content-Length
160
Expires
Mon, 26 Jul 1997 05:00:00 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2EyYWI2YmE4ZmJiNDI0Z...
s-img.mgid.com/g/11739873/492x277/-/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739873/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2EyYWI2YmE4ZmJiNDI0ZTVkOWFiYTRkYzIxZGVkMjAucG5n.webp?v=1640280696-zmz95E2Ll53YZQKY4Ry8vXyNomJc5xQIm5dfTJwvrxw
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26cf4453783f0965a47a2281abec28445f27f8ff34d33dd47528706dd4de10bb

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:46 GMT
x-mg-request-uuid
f36e01f9-7d8d-430d-9976-83fdb4497998
age
188027
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c235313dca34ec8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20262
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNWRiMTQ0ZWRhM2MzMDdlN...
s-img.mgid.com/g/11739862/492x277/-/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739862/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNWRiMTQ0ZWRhM2MzMDdlNjRkODVjZDk2OTQyMTA0NTIucG5n.webp?v=1640280696-4_QwPWhOm9Z8sPFLcCxK_hyDadbXZtfxfyWR7wKmaLA
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce452421ffc53808c61795729eef02db9132d6d2cbc68198b158dce56b519272

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:40 GMT
x-mg-request-uuid
4632aa9a-a02f-4146-890c-44306af8def5
age
187020
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c235313dca74ec8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9756
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2YyYmEwNmU2YWZkYjFmY...
s-img.mgid.com/g/11739860/492x277/-/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739860/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2YyYmEwNmU2YWZkYjFmYzcxNjY5OGNlMzZmYjU4YmIuanBlZw.webp?v=1640280696--P1GVHl4k-mxGe5cj2QwJEZ5DoeS05cyCWTqfK8TDSc
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1921065dc2b974eeba17a2617c121528af4dcab92c688db4d249f4aeca802a

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid
fb5209ca-6eb3-41c3-a2fb-b45238e0507f
age
186778
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c235313dca94ec8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16040
server
cloudflare
rar
as.ad4m.at/ad/ Frame 551D 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306eb5d258e02b405f7ee24f144a4964207f46d1d09843787151a79a26f1d4ee
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gveb4pjasy65z0ecmjp43ym5np0f8yd650yy1f0wj2hvsb1xag033549f1bk8j05m56m9gs4bjb193j93zhaqjepk45sxq6vbtaf784hrja8e4sdesmmrgeex00hkcrv2fb8206vhsw45q9t47yer1xvs7w8nzm27dzx60pa9gqtcwnz6qr239fr4c8dpcznp562mrmghv2k5j6z8ke3rvahtbr9ksh88az7gt81g427atjyww6w5ggehy29mnjxq540stjfe68d7e4ydkexx9qypc6sqv3zra7azyxgsmn0gmt2k90jh7ryrybq157f404w92hdez28w4mevrq6tgcz7e41tv3c3smzra5777k74bjzy2ha5vtge3cjrfbt5e0vp8ewph9zd7sca78e9wfcaqfwt4s586sx9whbfmz1pnbefzdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c235313ee1d83b4-MXP
content-encoding
br
rar
as.ad4m.at/ad/ Frame 6150 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77b2643024ca1763872e531b8d8887754aad1dc313991c4584bda127ef29dc1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jz62s76cv5kygepzvnssvew8cetwqefh795rfsab85yqs4dq7c2fzgbedp4cvhg3ccbvtcthkyv803vg2hb11e67v5re0kvgfmcb32k341nqejkmjs84jfaz817mv2habfbc52rj78n4g0c89kqaneb765hj4wydws3x0war4yw6nr4h9bszxwtgkbbs15rtxv8qb329r672eeeg16ss57hswj9bpz1r232jrfbsj6qp87e938mfk0g3k0dmcfwavrmbzjmf83k1ck2sz7sxntv1n7z98r25zf5bttwpkfmmda0qyf5wvq6q1gn07mada80mb08rtqw292zx8q0fchp6b3x1nm2fv6n7r8c9h1tfxczkgcphbxnxnksr0kg8pbzg5y0ersbmpnyrdxyyc36jma3c1yhky3avhcqxgm5xn704mnsr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c2353140e8c83b4-MXP
content-encoding
br
mapping
dprof.site/matching/ 		17 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dprof.site/matching/mapping?uid=0b396c07-268e-4eb9-bfd9-c524f8529fe4
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
17
rar
as.ad4m.at/ad/ Frame F4D0 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4e2f454b3a01ab26e43dfa17826225f9dabdfaa62c3bfd6e5defeba152b8b36
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gh7sbw49cdt078yg6x9b1wxwvxvm608w7mhb8t6ex9wq8c98p51p20t0xn77qwy0wt13bqg5zsrr7s0t09pf7v2av08zr1x89z7hkbmyae704mta1xz1tgmyqshzfsrtrrc5g4pw4kyxnm3dx2wee16vcpqm3fp74jxxm4x45qh4gvwa2r11j8wp3fh7k1d7415fqjqvx6v710wcnrr0vacn2r1709ccjbgmn7g81dc0f4wee69v56q0fzq4eybgnwmtgptphdp94qxyqcfz1magyb136v6jkmps5ztb6wxbjysgrqwwcfy66j10jgsh0k8kzaws678epksewnmmpqkz47v7faj2w16j9cn8pbeh6rvdyefggjm3gwcxqvevyw3t36xdaaa4tj7c8qkxeb1qd6qaxv078tacw63gvxpst6e3p96c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c2353142ed283b4-MXP
content-encoding
br
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDFhYTAwNDliZTFiMTQ2Z...
s-img.mgid.com/g/11739857/492x277/-/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739857/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDFhYTAwNDliZTFiMTQ2ZThhZGM3MTU3OWQxOTI3OTMuanBlZw.webp?v=1640280696-4OzspXEZRjVxB8Q8xld8BDikZ9UQmmYK5xXymMjuA8Y
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3a4032a23d7f94be7a6b3199fc6e227d8933d280fc0d3d3d842117a61a7dc94

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:43 GMT
x-mg-request-uuid
3e9f7b95-03e9-4b98-8791-42c77ae6f293
age
18992
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531458364001-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33276
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvN2Y2ODI3ZDA0MjdlOTAwY...
s-img.mgid.com/g/11739831/492x277/-/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739831/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvN2Y2ODI3ZDA0MjdlOTAwY2MyYWU0OTg2MmViMDk5ZjcuanBlZw.webp?v=1640280696-_hUsxnW-GxVpePjr9YcnJPIJw5EUtbRb9D07K8bIuHQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a19d5065354bc8a69d35fae71d9f5712f927c27821f171872e8356f1a6e2186

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
224cf201-ffdc-42d1-8f1c-f65946dd1da1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531458384001-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31602
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0L2NhMmFiNmJhOGZiYjQyNGU1Z...
s-img.mgid.com/g/11739873/328x328/-/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739873/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0L2NhMmFiNmJhOGZiYjQyNGU1ZDlhYmE0ZGMyMWRlZDIwLnBuZw.webp?v=1640280696-RmfzdhocId8z3XqUrlTJUpE8QbcjskviQM363S7R1uM
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf80ccd052f402f68de97783975f374f2cb19f772b95bbcea5241b87370449b

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:58:32 GMT
x-mg-request-uuid
641b91d0-a54d-4a03-a502-28052578474f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c235314583a4001-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16368
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9pbXByb3ZlLGZfanBnLGdfZmFjZXM6YXV0byx3Xzk2MC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvOTlhNWQwYjEyYTg4YWIyYmVlMDQ2M...
s-img.mgid.com/g/11739847/328x328/-/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739847/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9pbXByb3ZlLGZfanBnLGdfZmFjZXM6YXV0byx3Xzk2MC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvOTlhNWQwYjEyYTg4YWIyYmVlMDQ2MmRkMDU5ZTA5ZTkuanBlZw.webp?v=1640280696-FXg8KCdDnnire2Vx6vY1RntnbBZ_1GmbpKpkNFb5uYo
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
970f5f199c6b477b36003203a8abf5af633597657283492e2a20fc793cbdd451

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:10 GMT
x-mg-request-uuid
8f3ef752-a156-47d0-9baf-5f7b9370c8f8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531458314001-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10526
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0LzQxYWEwMDQ5YmUxYjE0NmU4Y...
s-img.mgid.com/g/11739857/328x328/-/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739857/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0LzQxYWEwMDQ5YmUxYjE0NmU4YWRjNzE1NzlkMTkyNzkzLmpwZWc.webp?v=1640280696-0-lbPZS0N47Tq6riGpdUsd_e45ICmSOC4Tb8a65um0w
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c24ca4d0934a5664764ef8f8f993f90089902be399096f7c6b6e0dae726df08

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:53:16 GMT
x-mg-request-uuid
71f7c571-c28f-43c8-805b-b132efad88a1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531458344001-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28364
server
cloudflare
i.js
cm.mgid.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1640280696989311247455
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3efc77df977d35738ee6cf92152d49ba78ee0dcaa6fd4e09b5e8ee72d7ce7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353143b1f6916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 551D 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695194
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c235314b83f83b4-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 551D 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1797180
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycduo0UTEdnOX-MiABea3R9RVC-wUFGbcbM88E97re81Z722vGl7PPS0-v7ZFyRoBHDbyGT1R2Iixydz_fKctb0kf50Zd5w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKHkcJ5gSpQA6TwEY0GCwROUK%2BFtmZBrPKfQHvtz7Nl5Atz606OOZjoMvfBAgjCm0snz0HxXyu%2BGEdQFsHxxMhKbBa%2BwNaoFe1LzOYUZybj9vQR02o9gm6kD4BCrU5W0BFlBKCYElSTTfulB"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6c235314cce1839d-MXP
cf-bgj
imgq:85,h2pri
BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
assets.ad4m.at/product_image/ Frame 551D 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f26214d8975f1237fe74617e0599689ffe0daceb0b78ca7f27b8cacd005dbbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=0cfKgg==, md5=CA0MSDnZ60/QjP/qRLEGmg==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
992732
cf-polished
origSize=62182, status=webp_bigger
x-guploader-uploadid
ABg5-Uw4eu-UfABZbkY2K0luF15iBknX9NINI6Mycnx3DXvazBg7ySjIxiFuCqXWW1MkBlDA7v7eDmuecY4IA30K-R4LC6V7JQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59764
last-modified
Wed, 09 Sep 2020 07:43:04 GMT
server
cloudflare
etag
"080d0c4839d9eb4fd08cffea44b1069a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=897mww8VjRXLEmTx8%2BeF39%2FEHSBvocjuKS687hdC2OiWl0UZryYay5oawFM8QiZzYV5dyRov9JVns7QgNymzkZXPNnHJL3wuFUYWBvDbjYnBbjuE%2BNAn69RrDJn2N%2B%2BcVzMRp66eh76f9gHp"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1599637384558000
content-type
image/jpeg
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
62182
accept-ranges
bytes
cf-ray
6c235314ccdd839d-MXP
cf-bgj
imgq:85,h2pri
postview.gif
portal.o2online.de/nws/img/ Frame 551D
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122318313760669264943X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidGCbIPko...
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202112231831376066926...
43 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313760669264943X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313760669264943X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 551D 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257607
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdtd_qzJJ2j8fLhc4MnJy8Pr9WXO00HsOwNKEMijhkjdKL7lwbsOmTLi6JDxSHzxUMKw-IAs7yuzXaCBOIMf-G4xdCME-A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BZlnE5%2BC7WHcEA8D0pAiDx4mAh6SmXZXGsvA3q0Hcudp%2FD%2BmI0tF5zK8DqvG8wFm2F%2BST%2B7EP4QoSpzz456XJujKQ3306Ge2HlBXchDNxEAVZTesn%2BN1PQCquypwnzkw3Fn66eB7rUp9Z2t"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6c235314ccda839d-MXP
cf-bgj
imgq:85,h2pri
109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
assets.ad4m.at/product_image/ Frame 551D 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=HwscaQ==, md5=QEKMkuOfQyYKQIg2TmID3Q==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1200581
cf-polished
qual=85, origFmt=jpeg, origSize=109711
x-guploader-uploadid
ADPycdtAx5MhXvq8JboEeV5n4mD38DKkgrD4YMDirZYgKBblp9kX8Lih4Ucli4L7y5LuZBZIyU2gG0E3_v1SdJ01wdU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20822
last-modified
Thu, 21 Oct 2021 08:32:12 GMT
server
cloudflare
etag
"40428c92e39f43260a4088364e6203dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFJ8ryqdrKx7BvRTk0L4rmqCtrixj0zRB5O045wX1%2Fi3CbY9EF%2B0dJp9KVWY0HLfl75a6kgh5jsJ7E8XzteaGa1vouXZDtcLBP6LSbIj%2FmakMoUldxC4pw9kLFudupJ7Ebi1yftZVGSsUkm7"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634805132458381
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
109711
accept-ranges
bytes
cf-ray
6c235314cce4839d-MXP
cf-bgj
imgq:85,h2pri
postview.gif
portal.blau.de/nws/img/ Frame 551D
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_con...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021122318313760669264967X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidGCbIPkoL...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211223183137606692649...
43 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313760669264967X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.blau.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313760669264967X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 551D 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
672365
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdsMuNP0FtOuwV3_DxjWDWoPwx_l5twZyCkUiu27EOgGevWwuw4GTv9nsagwHAhk9Om9-KiH2uDaTT3-CYXAk78-UaaanA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjJmlJqhL2NezlVXJc1xdtsBakm7922P0AaEM3KFwsy8In8Tm06Hixwsb1SPW1U0%2BFs0fHMUS%2BHrWbHToUqFHCkOpmAQ6ud4ezv%2Bnp5oeg7vawRs8pbFUEzHamEagE%2FnISyouiiDk3ll%2FAwG"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6c235314cce8839d-MXP
cf-bgj
imgq:85,h2pri
6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
assets.ad4m.at/product_image/ Frame 551D 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=FQtvKA==, md5=fhrs2Vg2w7QpQT0tLI6VHw==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
667000
cf-polished
origFmt=png, origSize=128410
x-guploader-uploadid
ADPycdtL3iHWGshjHzk9fYSNKarzn2QVqCejhvSceWz3vgIP-P56wyjWIDaqQJM2UjjLK8WC2vXVQ07qayZXCrTmG_AkibL1kA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73694
last-modified
Fri, 10 Dec 2021 12:01:51 GMT
server
cloudflare
etag
"7e1aecd95836c3b429413d2d2c8e951f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0ckbzTxE9D9d2nONLBd8P8%2FU57RiE%2BQWQg5u6xQVWoAakoZXhjRpz7PhBSAfnOTD%2Fp8edVe7a%2FDTm0h3%2FiPoTmaLnGXSRXjrzdQUXJF6%2FKJ0b5Z03%2FXE43aX6fhiDT%2BAVJ%2BVVm7XnxjcIhS"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639137711863674
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
128410
accept-ranges
bytes
cf-ray
6c235314ccea839d-MXP
cf-bgj
imgq:85,h2pri
i-noref.js
cm.mgid.com/ Frame 52BC 		19 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1640280697062879751885
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c235314ac526916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 6150 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695194
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c235314c85c83b4-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 6150 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1797180
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycduo0UTEdnOX-MiABea3R9RVC-wUFGbcbM88E97re81Z722vGl7PPS0-v7ZFyRoBHDbyGT1R2Iixydz_fKctb0kf50Zd5w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHWlUo4xy6gRzvF1lJ3LjAddkR1PyqsVE6MnuNPQkLEik2216fqdAjiT%2BnrROfjh37v2npPmDHGNgleoyvrsbfW%2FVYDFeabyGXHi6LDcPV6n31Cu3GzNo3Vd%2BDL9ctb3Z7eo%2FAJXkqh1dbKw"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6c235314ccec839d-MXP
cf-bgj
imgq:85,h2pri
8268F80203B2870DC4906ECACF07D5681B4610E20AB03421A134D0741618B0482746C1BEB793CE31091452FAF3A55E9AF3218E4BF79E8E1F82DD22242835D6D2.
assets.ad4m.at/product_image/ Frame 6150 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/8268F80203B2870DC4906ECACF07D5681B4610E20AB03421A134D0741618B0482746C1BEB793CE31091452FAF3A55E9AF3218E4BF79E8E1F82DD22242835D6D2.
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2645e770f595032c42715c6cc1ebda7cef04e1bf2faadea2b8d5686b34042b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=gfkikg==, md5=avEG5yogcCrUEMfBdrzXRg==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
664090
cf-polished
qual=85, origFmt=jpeg, origSize=51563
x-guploader-uploadid
ADPycdvJZ1YTQf7H03OFJ4Apw4gCsqsgewpVYbxg00i19JASQOiFt5-Jod8GHn0pSnu0S0OO7HCAtK8gq5PKpyW0BBY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="8268F80203B2870DC4906ECACF07D5681B4610E20AB03421A134D0741618B0482746C1BEB793CE31091452FAF3A55E9AF3218E4BF79E8E1F82DD22242835D6D2.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18118
last-modified
Thu, 06 May 2021 15:15:12 GMT
server
cloudflare
etag
"6af106e72a20702ad410c7c176bcd746"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3CMXLsTUcW%2FUDr5u%2BXz34OIpBS1E%2FivagZqUbuNMpk%2BqGx1C43%2BAIJ7CF%2FiZ0CXaKMxv3bx4FYMVaZ9O93VwBDravyRc0GyesjcxQJGXNKlRFQ84%2FNZzgNx2J5mgeISbZOkjvAiWTbNMjcF"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620314112255078
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
51563
accept-ranges
bytes
cf-ray
6c235314dcf9839d-MXP
cf-bgj
imgq:85,h2pri
postview.gif
portal.o2online.de/nws/img/ Frame 6150
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122318313760669264945X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTiDmsMs...
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202112231831376066926...
43 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313760669264945X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313760669264945X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 6150 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257607
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdtd_qzJJ2j8fLhc4MnJy8Pr9WXO00HsOwNKEMijhkjdKL7lwbsOmTLi6JDxSHzxUMKw-IAs7yuzXaCBOIMf-G4xdCME-A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uaE6iI%2BTcTklbZ%2BcrFiWfR%2FqekSmlVvlRNPI3coLMzc%2F3pfmKgyVrK%2BF%2Bq5u0G1Mqgvvd18rwWlOmngaT6p%2F9gEXqAvseKTkGiHDFXPpIf0g%2B%2FKDNVlfU40mRFW205n41f126ct3oXL4CUg"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6c235314dcfc839d-MXP
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame 6150 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1778654
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycduccTQX0v5HStdzqUBaOSMAPFvevjIm-E4EkrINYblBfrL1woNBTr1xy0gQfP0Q0nlAtaOtVvilm33PZqLnjD4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dr8AyUbRDC3b%2BV5sGQJBsDsOOnYsma51u85233wCnRAqWnJ1WretsadXGA42bVW9i6qqJagWlNASQEiEcbEZLzingwhIEt0VhFaZvvjBmStZ5PlbI3ijumc5JVmhJ%2FHMj3p7JiXFlZC0fxI2"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
6c235314dcfe839d-MXP
cf-bgj
imgq:85,h2pri
postview.gif
portal.blau.de/nws/img/ Frame 6150
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_con...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122318313760669264949X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidTiDmsMsi...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211223183137606692649...
43 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313760669264949X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.blau.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313760669264949X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 6150 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
672365
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdsMuNP0FtOuwV3_DxjWDWoPwx_l5twZyCkUiu27EOgGevWwuw4GTv9nsagwHAhk9Om9-KiH2uDaTT3-CYXAk78-UaaanA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2EkxDKsxA6HAfkSNXFK5TMFPgNjF%2BWgZHaAR%2BNQeq%2BijQACGhOjfUbGM%2ByHxUa%2BBg2PEEZkar4jpAEao4GDdVz96RDoFUJCgJd49SDqopcplfkGeGLYljRqJS%2BsBO2g7OON63ALNZ7sgoyJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6c235314dd00839d-MXP
cf-bgj
imgq:85,h2pri
6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
assets.ad4m.at/product_image/ Frame 6150 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=FQtvKA==, md5=fhrs2Vg2w7QpQT0tLI6VHw==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
667000
cf-polished
origFmt=png, origSize=128410
x-guploader-uploadid
ADPycdtL3iHWGshjHzk9fYSNKarzn2QVqCejhvSceWz3vgIP-P56wyjWIDaqQJM2UjjLK8WC2vXVQ07qayZXCrTmG_AkibL1kA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73694
last-modified
Fri, 10 Dec 2021 12:01:51 GMT
server
cloudflare
etag
"7e1aecd95836c3b429413d2d2c8e951f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bb0m03tzJjJOs4vxyKGW2sAg1kK%2FLyxpwkVO2nDrbk4hL3KgkcAEycE%2BwLcS7RWc3Ii7GMbtU8NuycE%2BL71ekXDQcWde4%2BQrNRnUkjGH2XEWdZbTrcPOpOUg93fP60JFoQsZluPqXabW8YOM"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639137711863674
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
128410
accept-ranges
bytes
cf-ray
6c235314dd02839d-MXP
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame F4D0 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695194
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c235314c86b83b4-MXP
cf-bgj
minify
B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame F4D0 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=KCmbHg==, md5=qo//b2x9KW8DnVvNoA1SVw==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1205406
cf-polished
origFmt=png, origSize=17428
x-guploader-uploadid
ADPycdtgkD3HzD-ZCt8FjdUFfwRaVp62wOuym9f77DLynlOAnZhVpN1mxkWcxht1Vu_KCLiGF1LAY4gq8E9kYb5G4v0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4642
last-modified
Fri, 22 Oct 2021 09:58:13 GMT
server
cloudflare
etag
"aa8fff6f6c7d296f039d5bcda00d5257"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4k3o%2BbxBmqC2N2ChAZ4gW6XmEWYVu4fvm0zw9%2BkIOIoaL5VqADxKhF9nKNr6%2BX6Pq%2Bgxf5z0KtfWLU5ANSq0tA0ruMbv6hQhgR85Af%2Brl68o8m3M1o3Q5vuVDqDEpHOH4BfH4Qc6lb9p7UK"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634896693300485
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
17428
accept-ranges
bytes
cf-ray
6c235314dced839d-MXP
cf-bgj
imgq:85,h2pri
FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
assets.ad4m.at/product_image/ Frame F4D0 		359 KB
360 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=lmXgQw==, md5=1xHkv3KBHo5uf1DGNNz2kA==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1780319
cf-polished
origFmt=png, origSize=565110
x-guploader-uploadid
ADPycduNHK-JoasZZadX3JMg-6pHkgEhx36sROriunq9KCKEUIkPz7TAYpI6nTrGxg8dqjRXgxdM_wcPUzPBVEl_YMwVL3qqfA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
367856
last-modified
Fri, 22 Oct 2021 10:16:19 GMT
server
cloudflare
etag
"d711e4bf72811e8e6e7f50c634dcf690"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2gz2JJspffRJUu888FAcN0mG3w98bqQBq6UJSYG5o0lQxUuINItRY8YFkkbNArrUuylcdFz49wNxPXR2kuWHusRR0B1r3NqLPFD3U4uYt4lIfatyxWKa4y8mHNuBXh5iR%2FZHT1H5ev6wu%2Fk"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634897779481391
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
565110
accept-ranges
bytes
cf-ray
6c235314ed1a839d-MXP
cf-bgj
imgq:85,h2pri
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame F4D0 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1202222
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdt28K7x9tCIRyox8iLa_qD78lcNTKFGIRq6N61w4yJrgq6biInoLJWamr2lnwSOH27GZVk48wJ-rBseUtIAp4M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQH6jAU9RxZNumGCi%2FYroz02dAHH3%2BI%2BktuUhfcwe2YLmzYMwfegbhI%2FjO4VCBXxFNdk7HTOU1BeG3TAEOyp%2BvhcVAoiAFKKMTphZc1PreQOmigA1e0YK7ZQZ49se5TOuLV9%2FX1QrSFNwuNa"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
6c235314ed1c839d-MXP
cf-bgj
imgq:85,h2pri
FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame F4D0 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
666478
cf-polished
qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid
ADPycdvaErb7NZRA73OimPk-h0LBqGa6m4V0XpC93_FcIxhrhCfOn9HCC2QHUU9aLHjh2faOCbZIv6sxuDalz4JT-72P-Y2hRw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30226
last-modified
Thu, 09 Apr 2020 08:50:22 GMT
server
cloudflare
etag
"f7c8b1c28756e1f042414e043a02e1fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGWl0nuSLlbRTUdxpqiXe2XEy84w2hliyZCy8kFAMqYXx3TYxl0%2BeWJqYMs%2F%2FySSkQdnXjDYZg6ENfyXGp871c%2FJLUen1ll3chDLXJmJNQC%2BswKI4NKsEBGQp1zM8QezNxjzE8wRkaKp%2FGl5"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1586422222365290
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
81547
accept-ranges
bytes
cf-ray
6c235314ed1e839d-MXP
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame F4D0
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJ22oeK5-vQCFSvYEQgdcD0Pmg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRot...
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280697_2e634ac0-6416-11ec-92b1-22382f8dc9cc
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280697_2e634ac0-6416-11ec-92b1-22382f8dc9cc
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:37 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280697_2e634ac0-6416-11ec-92b1-22382f8dc9cc
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
5404B18EC3C42814EC55ECCDAC94D540D07E28DC37C9B2BFAB5ACD0D732F3D3007B5B05DBBEC85F426804F85EE3DC1BB4334F2E31FDEB997FF3BDB393C20025F
assets.ad4m.at/logo/ Frame F4D0 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5404B18EC3C42814EC55ECCDAC94D540D07E28DC37C9B2BFAB5ACD0D732F3D3007B5B05DBBEC85F426804F85EE3DC1BB4334F2E31FDEB997FF3BDB393C20025F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c2021bdac59d8348ce96f8eda3d24c9d1d99d6c60f63e020c6567e39078d11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=/Q/6tg==, md5=wyA5XaMHHJmGLFy2SnfRig==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
654788
cf-polished
origFmt=png, origSize=29675
x-guploader-uploadid
ADPycdvflSPhMWrScNtHUfhhnJy-eq_-D68oYfHbBaWeRkXlBqV0abyM7y4VyUXlZ6NG4N2k_EmdPy7AFztLiHeaNkQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11084
last-modified
Mon, 11 May 2020 08:26:17 GMT
server
cloudflare
etag
"c320395da3071c99862c5cb64a77d18a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xw3%2FpTkrdaOGIKamx%2Fl2O6gqr3qVs2t3kv0U95XqTnAREEdUMif%2BcVf5wVUorzEXQCcqYkME3MkBlEoJMNgsiAZKsrMjyZr2tHAzLSQoXL6RkQwpZF4RfwCDxpjkjLntwZ%2BF%2BfiNe%2BZ9060T"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589185577639472
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
29675
accept-ranges
bytes
cf-ray
6c235314ed20839d-MXP
cf-bgj
imgq:85,h2pri
9AE8F63960E59AEBA7C87D6EC1BCB3F76BB15CBF908C84DAC0430D19E4DCF95A0C6FDF609CFF5E20F0EC3E37D1C1616A2D3D74BDC25D3D6E4B606E1E2C4F2181
assets.ad4m.at/product_image/ Frame F4D0 		303 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/9AE8F63960E59AEBA7C87D6EC1BCB3F76BB15CBF908C84DAC0430D19E4DCF95A0C6FDF609CFF5E20F0EC3E37D1C1616A2D3D74BDC25D3D6E4B606E1E2C4F2181
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa6f4107b5a29a1b3d1e0fb085191dcd7d8bb9497ae061d1e1304abd20891f86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=1Hb8/w==, md5=hZxXU1RAQV3ntT4Wegq49A==
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
654788
cf-polished
origFmt=png, origSize=491451
x-guploader-uploadid
ADPycdsZ2lB-CgCWqafGx2rJH7LxeoEPHczq-LW0GL-s2yaegB6cyduKTqarMf8N5oyN6rXwFORBr75txVLMec6d6E0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
310322
last-modified
Wed, 15 Dec 2021 16:19:29 GMT
server
cloudflare
etag
"859c57535440415de7b53e167a0ab8f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FWfa3UbNeHRRy4I9rCCmYMs%2FES4M332khFA4xg1ISwfl1XPJnANd7UjylEAQVjZhrgTmtuuP1u8Vhh54auR%2BUejl8vNIU05jE5z%2BZIciGV3p55aOVVOPQXKQZpw8le2A0LZDeZUNJ4hWODE"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639585169260253
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
491451
accept-ranges
bytes
cf-ray
6c235314ed21839d-MXP
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame F4D0 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2471479&v=10679&q=372055&r=412871&pv=1&pref3=&pv=1&pref3=oneid4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUKoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:37 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
link.html
track.webgains.com/ Frame 551D 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
5b06ee01d8eb8047e4ecc27700dc2ee9434a5a4189d89adcf9b69fb8165ae931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:37 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1465
Expires
Mon, 26 Jul 1997 05:00:00 GMT
sync.html
s.adtelligent.com/ Frame 5B43 		1 KB
880 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1640280696989311247455
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
VertaMedia 1.0
Date
Thu, 23 Dec 2021 17:31:37 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://newsyou.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 100D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1640280696989311247455
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Dec 2021 17:31:37 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Date
Thu, 23 Dec 2021 17:31:37 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJueXdqWXlsUXY5&muidn=lbnywjYylQv9
  • https://cm.mgid.com/google?muidn=lbnywjYylQv9&google_ula={guid},5&google_gid=CAESEPRwSa0ktQHwJZ1zn25ia7w&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=lbnywjYylQv9&google_ula={guid},5&google_gid=CAESEPRwSa0ktQHwJZ1zn25ia7w&google_cver=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c2353153de46916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=lbnywjYylQv9&google_ula={guid},5&google_gid=CAESEPRwSa0ktQHwJZ1zn25ia7w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=09377480-01dc-4aa3-b22d-98e4a1bc3421
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=09377480-01dc-4aa3-b22d-98e4a1bc3421
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353160fd76916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=09377480-01dc-4aa3-b22d-98e4a1bc3421
date
Thu, 23 Dec 2021 17:31:37 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=OIKxbq2drT3AbbjbieooYB_b&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=e8feb77e-2d20-41f4-af93-fe34fde72e1d&gdpr=&gdpr_consent=&us_privacy=
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=e8feb77e-2d20-41f4-af93-fe34fde72e1d&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353160fe26916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=e8feb77e-2d20-41f4-af93-fe34fde72e1d&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 23 Dec 2021 17:31:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
cm.idealmedia.io/setmuidn/ 		0
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=lbnywjYylQv9
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c2353152b817022-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=b4794f3a-aa96-44fd-8779-db95e1958bc3&ttl=1642872697
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=b4794f3a-aa96-44fd-8779-db95e1958bc3&ttl=1642872697
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353160fda6916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=b4794f3a-aa96-44fd-8779-db95e1958bc3&ttl=1642872697
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=0038314a-ff12-41d1-a240-2e066dd288ad
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=0038314a-ff12-41d1-a240-2e066dd288ad
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c23531b9e746916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=0038314a-ff12-41d1-a240-2e066dd288ad
date
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbnywjYylQv9
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=907533672312298459&gdpr=0&gdpr_consent=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:37 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
mw
mwzeom.zeotap.com/ 		95 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=lbnywjYylQv9&zpartnerid=1532&zdid=1532
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
cf-ray
6c2353155dcf839c-MXP
access-control-allow-headers
*
content-length
95
e8feb77e-2d20-41f4-af93-fe34fde72e1d
sync.1rx.io/usersync/bidswitch/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lbnywjYylQv9
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lbnywjYylQv9
  • https://sync.1rx.io/usersync/bidswitch/e8feb77e-2d20-41f4-af93-fe34fde72e1d?gdpr=&gdpr_consent=
0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/bidswitch/e8feb77e-2d20-41f4-af93-fe34fde72e1d?gdpr=&gdpr_consent=
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
expires
0

Redirect headers

Location
//sync.1rx.io/usersync/bidswitch/e8feb77e-2d20-41f4-af93-fe34fde72e1d?gdpr=&gdpr_consent=
Date
Thu, 23 Dec 2021 17:31:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
cm.lentainform.com/setmuidn/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=lbnywjYylQv9
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c2353155da63bb6-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=TYYGTk8kpRtwKIwlBwe6&pi=mgid&tc=1
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=TYYGTk8kpRtwKIwlBwe6&pi=mgid&tc=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353160fdd6916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=TYYGTk8kpRtwKIwlBwe6&pi=mgid&tc=1
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT, Thu, 23 Dec 2021 17:31:37 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
link.html
track.webgains.com/ Frame 6150 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
43db0a6ec2ef25a0e6ea75134043dcaf5e0051284d145aa7feb29fc8044fdece

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:37 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1473
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame F4D0 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3766801&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h6qmq3cnsfrmf6z2qdz6547hyddypn8ag42vdnnsgpjsmszeredxgd69a2bvesf3cw68g6mt6117pckv7w65zg2w3vgq83fqpbwnsgn9dzz4zmxvne4ky07nn5hx1c5a9fe6ec78z4w1wbf1t436m92kqjv06tbm3e92qpfedd96q8e7kpf796z3r3hc0qh4n1pewjabrdr80h9bwpek2b1f1bverqarcdy05k65k57agztq5qq8dc6fc27xme6ftb0f39h26rsdtq41mne6w04wpp1jzjak79qphmd75ckx4pwvg16e3yd%26a%3D&clickref=oneidd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUjoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtVoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
f9fe0c390cecd08fd45fa296fdc6c9b428542130a36c0fce7c45cd7ba4479307

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:37 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1478
Expires
Mon, 26 Jul 1997 05:00:00 GMT
all
csm.eu.criteo.net/ Frame 8F4E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=8xrCydua4j8TotWVoMUePRg7SQXHKEKkOOKCvmRasHzs7Qp7YUHjwRoVypdeQiLqF0CHod0zXv2R3houQZtOIGXhbde6Ca_beIVpPTUtpT3lqXMFJtluH6Zzf71FDyBxkjlUPo7LDdhJuPiu_2Xj9jQXjH7N04QCDvLcWKes6yJoz1eeRvQkiJIZbDNOba0AzFRFJ4E63DqO1wUxDWZvfczb86YWaBc6v9KvSAqRQAGEBDqBrxfeX8jSGv3fazUAQrVVRw&sds=2&rev=79924&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSydgADoe0K7ddKAAtNE-lhv45YmoOD3vfxUA&u=%7C%2FQfh9S%2BpKwEAKoPeuR7%2FARdbQf9pjL6pI67rOJ64otQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wf7aOC2GrdaqNh3nDfeDkcUsKjhmvz_D8SoDVLe1vYdgnGFnOCFnk5QNiezTT6EXi4rBC1SU_Ytzv696lmdDe8Ee6JHGkHG9txenWEI0scu7vgsvIoCznHKyaqtg_uEMSp4TCSyKjikUBqTVXpHA4scOyE2m9lFcmLamWvxuD8zs9rUkENsNS_WBnZou5eRy6fQGFjhqAKiW4739s-uYxzSI53EfqQ-ckYI1KjvTLYk1XvLlSccwGFssGtsKiIeZupzt7RHvZIN9uKIGzQayB2swjtJS0cyHArPXzektK8k0m2p3nNhvL7ETOmAAIz1ZyZCRGQekMshdD-8TK7k0KzeSv7-PGXBRNzXyCwOHz6t7AKNsiGgz1qx6RCVdoRYJemfb1JdDSoU41npWb8iUN2V5FJ-zPMyTgUhAt60M7bBGQuHc2lc2PpO1IhbVUo6cwWoa47YhsZ6yg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM70fdrLEYe3DDsqutweTmq2IBcme0rFc9ZHevrEBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQIaMJyGyf-yPqgDAaoElQJP0KtNymC63_YWDW9tNYSiaLVeuSQBSHzyodlUVcw-m3PpE-qouAC3Om9WksokBX9OohxnMA3ZVhCSsA0QoetePYGoUQl2wjOxZm5B2Vy_uaFa9S0-0LuCbH0rJ9_jZOOtV4XDVn6JQWMwy9fDdp_KAJfHJNb4k7NfUQeA-iD9nmjNaZ4vE3aUNn8_hltZKjzoMCAhDzATTZ8P0oRSfsS8Xdx4WNzknu5KHDu700110pyJFRx7FqWKe80dvNe0um_GXd6-3hRKo-CheAaBApEFR1WOOAVrIbjGI1NSs1WMS9yrXezVGKDUnTHV90ibzdMKX3fItq5fNThQbKl172wQk3aPPsBhMrciSOXwqFTaom92W_VBgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i-YAEdFx8NV6Q92d8e8XwL8cNaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
usync.js
eus.rubiconproject.com/ Frame 100D 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a84e073be90f3b8a06645947c17b4059cc3e2930c96661210e19504efb706331

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37758
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Fri, 24 Dec 2021 04:00:55 GMT
csync
sync.adtelligent.com/ Frame 5B43 		0
0
khaos.jpg
token.rubiconproject.com/ Frame 100D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
pvClk.min.js
analytics.webgains.io/ Frame 551D 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
24093
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 10:50:05 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
UqV9-pCm0PNKYtmHss9WyFVAZaLKvOz9oyzpcJ3vNp4RKHNm69R6NQ==
link.html
track.webgains.com/ Frame 551D 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidBhA7KpwxuZh-vZksQgBVen3zzrXe_brHasuid__suite_Netmix_Reach43_TopRotaMonth&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C161594%2C43784&b=bwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=3bgFpf14UB65t7HrHAtXC997f8TWTRead%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=4e407260e4d5dc2aa9f41fe3e517774d%2F17744251455218412790&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696873&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbyrgewx31ge0dq9b8t6tm1taqsm9vyb1qjn2j4jnd62pxh9f3pffefmqx9a5yv2dmewb6b7n14vzdfyhrj6akkw5k7355zqaf2df09mvw7k6y74aagv24f7s243kxdd2y1b5f378kmfw3386tyvz8p6fn4w8nmyh6qzjgb3a13ge2bgkbcmw8f7ggpcj65bbqpvbx1agk1qaj4312cwfdx91kgz3zgwtwhm2vhzhdtgttkkn7eryswzakyb9txwwkq7gy4gqsrp7m9ed0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBAYFdrLEYdPsKou_ngWW5LnwDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0Ak1h1IudVUQ28zi3jWi7PQRKC0qCmqTsT0XR7r7tw9yeLcplhA2vOM8onjYKRiHlxkAerS--AtjVeO4v3CSgSI-oUUuLUwSiq3DxJFxMt_OOZDphJEKp1G_1fPz91d4f8lgu2G4aKH4oTkKcWo-HIe3MgdkZjo9rtSRvFYyF6nHZwx51vvzjl18RSki7rYk5o9MnLH2VTAUnex7p_RapbWLggWJdNOW_ZhOTbwxxetCVga-qhXKq84H2DZ5nderuFN9eh6xkIQue77R45RGkeFmIb7PWQlprTLv6oUPwUszblA5H4wo8HQfGTttTzqP_nuCTGzEBDofgwT9K3JgjaA8SbZbZL-zfm1sel8v5oVwCKPhdwlxjoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1VYHUNsqi6lw-oQg8-z1nghYSc0Q%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:37 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
sync.php
pixel-us-west.rubiconproject.com/exchange/ Frame 100D 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Content-Type
image/gif
pvClk.min.js
analytics.webgains.io/ Frame 6150 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
24093
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 10:50:05 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
o0raRazo1H0uJQIqPa5lmtF6dVw0xARqXqg7_E96NhCt8p5evcxLww==
link.html
track.webgains.com/ Frame 6150 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidY8mhrf3fwBgTGC9HetQt1JWSkSWt4jKtroneid__asuid60L0moNh5fqdSyvPwiSJ46NjJqdF8-beasuid__webplexmedia_advancedad_MOBILE_728x90&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C166402%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TiDmsMsieAZAiIE46hB51uhaET_dfdic&g=083ad7dd70417c65eb699b375bec8b71%2F10976863668993341196&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696889&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jnhwnka54hgsp0xbfg21g6dmfxpvhnf7v626gnshb4e6a832h79nexnfnv2r1k9vbx9w6vb3tgm38rryda4axakhpzpvnq0ff4650xzhj8zmv872jvwex4h3wash4ne3f518tg027hshzh6jrfysscw9d2vqava8qd94b42g3t33y6e355m548r5ja0xe7dsh13avhmcpg5y6jejp0jq1s927425g346pnz505m8er33sdc7b3j1r91t5mb69wtgbhr0s2kggnmn12kx77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9c4MdrLEYaLGH6XAngWO-JCIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoEkwJP0BpnlljiPHaT7-CxYeAedzqge4DogNuEqIuFaAjcG_ExWNQvqNO9VjosDFrOaSmONkGxW21VXb11S3PG5DAdA8KNCpQfVNvw9mheHIqau5m06O94xxLFVuhR19Q4Sk-1w0KPobzHJAcbX06F_sQ56-V-uw6CKVipOT4-H3Jdm91BdknK_YHF-hjJDX1MCt-SFy7GRQuAA-uAmdTVT50s1JdPSbCsc8LRO8vQNkEamq9vkrMo_Ui_d7lWdsAybdnG8Cf5ZUalnxUa2HXhUqH3nKNxkGvCsMqZJxfu2GwCFbuaJruy9CFprQlqDbkACrAAPYC5raO4xo59AVRk6SzNVPdEW0RlqG2zXN0ATXXzO1P7W4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1_KMfOm2tffO27Fjo_hi78IMEFtQ%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:37 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame F4D0 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766801&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h6qmq3cnsfrmf6z2qdz6547hyddypn8ag42vdnnsgpjsmszeredxgd69a2bvesf3cw68g6mt6117pckv7w65zg2w3vgq83fqpbwnsgn9dzz4zmxvne4ky07nn5hx1c5a9fe6ec78z4w1wbf1t436m92kqjv06tbm3e92qpfedd96q8e7kpf796z3r3hc0qh4n1pewjabrdr80h9bwpek2b1f1bverqarcdy05k65k57agztq5qq8dc6fc27xme6ftb0f39h26rsdtq41mne6w04wpp1jzjak79qphmd75ckx4pwvg16e3yd%26a%3D&clickref=oneidd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUjoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtVoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
24093
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 10:50:05 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
lQStzZ9Fv8ZvURMU2xwusKLr9qXEtaiFMy5ht-G3Y9hOfE_Y9VE5dQ==
link.html
track.webgains.com/ Frame F4D0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid9dxMfMfmfdddESKHBH2t7tPz55F9SmTZr2udoneid__asuidxXa10tX07YQ9PSUyYWAsafLoE_7jnjJPasuid__advertisingalliance_advancedad_300x250&wglinkid=3766801
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=300&d=600&e=GCbIPkoLWX4sThQJxhkoX7goS4hmuDea&g=683ee8cd140d87e4582db81df3af2110%2F5250733867197059059&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280696922&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmzzqcz0c61jkxnwt0wfv1r28c7vk83mt0dzwrc0vgeqvv11sne3t9mz38dd1rynf3a8cewkjh3msf82srckv533hdw8whmjkxj59nd6tw248cs3nkc62jv3gwestkbh5zpc33hp1ha813akf8p6re0na2avyv036m4v326rxkwxd1ex3b5kabg4a7kmaqg2c2etdswxsdr5jhf1mn4fxazn1n1v8wxefhpm1rj7j3wazxep4bd27fhm13xr814d20zp5f5b0r42e6k03x0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKjRRdrLEYZvjK4m0ngWvv7iAA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEmQJP0GgoRS8WVdbOBa95dA6YQNn1Jg8AGBG6O1cWMSsXHZjvA8ompzzn5TdPDKgPPIAXMk-6CKEonkQfzKQmOoS1Z_MCFy1Rmz9EnMv_AB32a1lQDI6mLUjfaEX57q5SmbQughByTD1jiUqIfnp7qQFlvm3Y1e72njeZPi5CJrK3bChPNNWrM-_CW5NVk4cwFmSlANuHy6NyE21fVp9cSVHGkGtadKqhl9tS91FalFVajCthRDNe9ArZ8t48smn6RHkATQuJI7L5s_Edo8tTgWa5putNh9Qpffn0eMxlTS4jf0KOvESK2dsviPxaz2_0bp7uAzgHlHJi8uDW1JG4ojY4_YuelyU0i0cOldPOwa2-6bUlyRLKs3jJW4AGpbWW3ezHhtP-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2BBvLNv8qSFKJjM2jZytcGBUn1YA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
cdc6a672e24d84d0277383399879fb8a1d6e02cf7f1fab4fe2a31aa173ad9faf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:37 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2759
Expires
Mon, 26 Jul 1997 05:00:00 GMT
tracking-event
api.webgains.io/ Frame 7724 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://googleads.g.doubleclick.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
if
a4p.adpartner.pro/tracker/ Frame 30D4 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2257fd3843-b9bf-43a7-b337-c737b13fb832%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 32CA 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2256c97c97-a492-451c-8a3a-992fd590f33d%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 6BEC 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b233dcba-9496-48e4-8ec9-c29bf0dab1a6%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 4555 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%222050795f-e60c-4a1a-a498-75b1ba484640%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2257fd3843-b9bf-43a7-b337-c737b13fb832%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2256c97c97-a492-451c-8a3a-992fd590f33d%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b233dcba-9496-48e4-8ec9-c29bf0dab1a6%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.44.106 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-63464c75.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
tracking-event
api.webgains.io/ Frame 551D 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 6150 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame F4D0 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
img
pix.eu.criteo.net/img/ Frame 8F4E 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=800&s=KoUUKAWq2H4WAfcVueGNhS0k&b=800
Requested by
Host: newsyou.info
URL: https://newsyou.info/SHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5c6e1a83304838097545a1ef48c04d539f7c04d75d8b081fbe10618b0c1948b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 20:32:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
75535
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31530800
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
133074
expires
Thu, 22 Dec 2022 19:06:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

341 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 function| _m3192973381 function| $ function| jQuery string| ajaxUrlFlatPM boolean| duplicateFlatPM boolean| senseFlatPM object| adsbygoogle object| gnezdoAsyncCallbacks object| head object| script object| mtzBlocks object| node5876 object| node7880 object| jQuery111105181141477864524 object| node6822 string| iS object| iD object| iP string| iR string| iT string| iH number| iI string| GoogleAnalyticsObject function| ga function| ym object| smiq function| flatPM_arcticmodalLoad boolean| debugMode boolean| duplicateMode boolean| senseMode boolean| countMode function| flatPM_sticky function| flatPM_addDays function| flatPM_adbDetect function| flatPM_setCookie function| flatPM_getCookie function| flatPM_testCookie function| flatPM_grep function| flatPM_random undefined| flat_body object| flat_count boolean| flat_counter number| flat_iframe string| flat_sep object| flat_pm_then object| flat_date string| flat_titles number| flat_dateYear number| flat_dateMonth number| flat_dateDay number| flat_dateHours number| flat_dateMinutes boolean| flat_adbDetect object| flat_userVars function| flatPM_ajax function| flatPM_then function| flatPM_persentWrapper function| flatPM_setWrap function| flatPM_next function| flatPM_start function| flatPM_setHTML object| flat_pm_arr function| jQueryLoaded function| jQueryLoading function| randomInteger string| RESOURCE_O1B2L3 object| _0x54e7 function| _0x3ea5 boolean| scriptaddedobl82749 number| __o1b2l3_updateStatsEvents number| utarget_rand number| utarget_cookie object| utarget_script object| l_m1125898077 object| name120now function| smiHTML13248 function| smiCSS13248 function| smiHTML13267 function| smiCSS13267 object| FB object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| Sk string| google_user_agent_client_hint function| smiHTML13245 function| smiCSS13245 function| addJqueryfcDop function| take_ban_teaserfcDop function| getUrlVarsfcDop function| addJqueryRsslK function| take_ban_teaserRsslK function| getUrlVarsRsslK object| loadedBanners string| scr object| div object| x number| len undefined| newScript function| getApuID object| APC object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID object| shownAds7460 object| initRtb1640280693845818990 object| result string| key string| apuid object| sessionData function| take_ban_teaserbKpnK function| getUrlVarsbKpnK object| shownAds7858 object| initRtb1640280693846869038 object| shownAds2489 object| initRtb1640280693846882892 object| adexOpt number| loadingMedia object| adPartnerMediaAd object| place object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| intervalIDfcDop number| intervalIDRsslK number| intervalIDbKpnK boolean| laScriptLoaded object| _mgIntExchangeNews object| MarketGidInfC1122348 function| MarketGidCContextBlock1122348 function| MarketGidCMainBlock1122348 function| MarketGidCInternalExchangeBlock1122348 function| MarketGidCRejectBlock1122348 function| MarketGidCCriteoBlock1122348 function| MarketGidCInternalExchangeLoggerBlock1122348 function| MarketGidCObserverBlock1122348 function| MarketGidCSendDimensionsBlock1122348 function| MarketGidCRtbBlock1122348 function| MarketGidCContentPreviewBlock1122348 function| MarketGidCResponsiveBlock1122348 boolean| mg_loaded_413933_1122348 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| MarketGidInfC1024868 function| MarketGidCContextBlock1024868 function| MarketGidCMainBlock1024868 function| MarketGidCInternalExchangeBlock1024868 function| MarketGidCRejectBlock1024868 function| MarketGidCCriteoBlock1024868 function| MarketGidCInternalExchangeLoggerBlock1024868 function| MarketGidCObserverBlock1024868 function| MarketGidCSendDimensionsBlock1024868 function| MarketGidCRtbBlock1024868 function| MarketGidCContentPreviewBlock1024868 function| MarketGidCResponsiveBlock1024868 boolean| mg_loaded_413933_1024868 object| MarketGidInfC1146775 function| MarketGidCContextBlock1146775 function| MarketGidCMainBlock1146775 function| MarketGidCInternalExchangeBlock1146775 function| MarketGidCRejectBlock1146775 function| MarketGidCCriteoBlock1146775 function| MarketGidCInternalExchangeLoggerBlock1146775 function| MarketGidCObserverBlock1146775 function| MarketGidCSendDimensionsBlock1146775 function| MarketGidCRtbBlock1146775 function| MarketGidCContentPreviewBlock1146775 function| MarketGidCResponsiveBlock1146775 boolean| mg_loaded_413933_1146775 object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| dmpProfitclicks boolean| mtzCheck function| _typeof function| _createClass function| _classCallCheck object| web_script number| is_clck function| web_callback string| website function| are_cookies_enabled function| inIframe function| compareElementsWithParentsToSelectors function| compareElementsWithChildrenToSelectors function| compareElementsToSelectors function| Browser object| browser function| run object| Ya object| yaCounter44453875 function| adpartnerMedia object| gnezdo function| loadjscssfile function| createWidgetHelpButton object| TelegramButtonOptions object| Widget object| informer string| ban_teaser string| cookie_expires object| options object| system object| _parent object| banner_clases boolean| edge boolean| linux boolean| new_opera boolean| ua_ios_opera boolean| ua_ios_opera_mini object| main object| onMainScriptLoad5555 function| WidgetTelegramButton object| banner7460_1640280693845818990 object| banner1640280693845818990 object| banner2489_1640280693846882892 object| banner1640280693846882892 object| google_llp object| banner5555 object| block string| text object| banner7882_1640280693846869038 object| banner1640280693846869038 string| prev_link string| teaser object| googletag number| cur_time boolean| wait_start number| _997726831838 object| _997726831831 object| cd string| dt object| onClickExcludes function| mgReject1122348 function| mgLoadAds1122348_09999 function| MarketGidCReject1122348 function| MarketGidLoadGoods1122348_09999 function| mgReject1024868 function| mgLoadAds1024868_0a764 function| MarketGidCReject1024868 function| MarketGidLoadGoods1024868_0a764 function| mgReject1146775 function| mgLoadAds1146775_06868 function| MarketGidCReject1146775 function| MarketGidLoadGoods1146775_06868 object| _mgq function| _mgqp number| _mgqt number| _mgqi function| removeGooglePlaced boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint413933 string| _mgPvid number| _997726831832 string| user_agent boolean| mac boolean| windows boolean| ua_chrome boolean| ua_ya boolean| firefox boolean| ua_opera boolean| ie_11_edge boolean| opera_dev undefined| ie_8 boolean| ie_9 boolean| ios number| cou object| b0 object| b1 object| b2 boolean| class_selector boolean| match object| items number| count number| item_w number| item_h boolean| flag object| pos object| h_body object| h_doc object| new_post boolean| _mgPageView413933 function| LoadCriteoAllPlaces1122348_09999 boolean| i.js.loaded boolean| i-noref.js.loaded function| LoadCriteoAllPlaces1024868_0a764 function| LoadCriteoAllPlaces1146775_06868

139 Cookies

Domain/Path Name / Value
newsyou.info/ Name: b
Value: b
newsyou.info/ Name: vcO1B2L3-1
Value: %7B%220%22%3A1%2C%22*%22%3A1%7D
.mgid.com/ Name: __cf_bm
Value: cLWDZhodKZipzvHLgw0P9OQAKpVg6TCATPWCwLZgiyU-1640280693-0-AVzJiftJAqML1sCrrqRV937VnqLvFFRNOcVcgJoXwX7qmgVN3aGBTiCMa4PQ8267T/7MyOvl6JjZW2+K+xGVUCU=
.calculator.codes/ Name: uuid
Value: 3ecf6fdf-666e-4a79-8759-639ca62c9153
ppvesdfiojol.com/ Name: current_server_session_id
Value: 63349e161345bec8d340273e67ae6e938db5395cvvv94177528
ppvesdfiojol.com/ Name: visit
Value: 1
newsyou.info/ Name: lapuid
Value: 2050795f-e60c-4a1a-a498-75b1ba484640
.utarget.ru/ Name: uuid
Value: "KFf/nDR2Z3dEchEPgolflfHlGWTQQ+/EiAA0o2WNP0g="
newsyou.info/ Name: session_id
Value: 5ab9a9d4-15ff-4abe-956b-193f694e0733
newsyou.info/ Name: session_pageview
Value: 1640280694.1
newsyou.info/ Name: site_visited
Value: 1640367094.1
.newsyou.info/ Name: _ga
Value: GA1.2.590106492.1640280694
.newsyou.info/ Name: _gid
Value: GA1.2.1764326275.1640280694
.newsyou.info/ Name: _gat
Value: 1
a4p.adpartner.pro/ Name: newsyou.info_ref
Value:
.yadro.ru/ Name: FTID
Value: 1XnBA20NcMOE1XnBA2001Oaj
.newsyou.info/ Name: surfer_uuid
Value: 1c5ab74a-f432-4daf-86d9-8b0f3f63d728
.newsyou.info/ Name: la_page_depth
Value: %7B%22last%22%3A%22https%3A%2F%2Fnewsyou.info%2FSHMYGAL-RASSKAZAL-KOGDA-V-UKRAINE-RAZRESHAT-VVEDENIE-BUSTERNOJ-DOZY-VAKCINY-OT-COVID-19%22%2C%22depth%22%3A1%7D
.newsyou.info/ Name: page_load_uuid
Value: 97a0de45-04b1-4a4b-a42e-0d4489e8696e
.yadro.ru/ Name: VID
Value: 3B7IMr1mvrOE1XnBA2001Oin
.newsyou.info/ Name: _ym_uid
Value: 1640280694190662448
.newsyou.info/ Name: _ym_d
Value: 1640280694
newsyou.info/ Name: cbtYmTName
Value: 75TNhovN1c2J3d3c146L1tbe3InWjIuKzZIi
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3079004833fake
a4p.adpartner.pro/ Name: apuid
Value: 2050795f-e60c-4a1a-a498-75b1ba484640
a4p.adpartner.pro/ Name: apudmg
Value: 1
prodmp.ru/ Name: rai
Value: acf8288dc84442ece20bcb160231c4b8
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2954392704fake
.newsyou.info/ Name: u_count
Value: %5B0%2C0%5D
loadercdn.net/ Name: vui
Value: 842a5a8460bc4e9499e4c90504fa6d4c
.newsyou.info/ Name: __gads
Value: ID=7f04637ef6abf9bf-2286f6410dcd00d5:T=1640280694:RT=1640280694:S=ALNI_MbzAv0eAy1PYIdLVMadyfPjyaMBmg
.newsyou.info/ Name: _ym_isad
Value: 2
.newsyou.info/ Name: chash
Value: VztuINms3n
.yandex.com/ Name: yandexuid
Value: 9296199921640280694
.yandex.com/ Name: yuidss
Value: 9296199921640280694
mc.yandex.com/ Name: yabs-sid
Value: 1988217951640280694
.yandex.com/ Name: i
Value: m9cMahgSLwOnOa5H6glXoNyIW5Y70AFVHKzfUriWeG4LSmTW8tr4JDsvMCabPzt/e0rhwbuMZRlHZHOJh0SBKPujGMY=
.yandex.com/ Name: ymex
Value: 1671816694.yrts.1640280694#1671816694.yrtsi.1640280694
.gnezdo.ru/ Name: weborama_cm
Value: 1
.gnezdo.ru/ Name: uid
Value: uZQlT2HEsnYCY0OO+TBbAg==
m.mixadvert.com/ Name: a5c79a16a258cb2a9709a1ac872efa52
Value: 438579%2C438575%2C438578
m.mixadvert.com/ Name: f3a826c60b78eb15a6c7bbaea354d6d9
Value: 1
.uuidksinc.net/ Name: jcsuuid
Value: N81uM5UbLqGcRe8aL2uB
.eskimi.com/ Name: __eConsent
Value: 1
.mgid.com/ Name: muidn
Value: lbnywjYylQv9
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWHEsnYs8wgJnsSHAp2Knrns2FuQNyVSDe9/WFfikuD0
.acint.net/ Name: cSyncDp14v3
Value: 1640280694
.adhigh.net/ Name: gi_u
Value: Pf2ON2MTCn6.AikABlF96FkgqQ
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: c346fa1c-85ef-5365-8260-e916e3a45b60
.doubleclick.net/ Name: IDE
Value: AHWqTUmn2kH2M2_CaAMHv6NLlLS5LEXmIYZ8NUt0RAxxThjC8NAZLeFTcQ9DvifTEUw
m.mixadvert.com/ Name: 1187d722fdb08c497919524d861f2215
Value: 438579%2C438578%2C438575
m.mixadvert.com/ Name: b35a58b0d6e970945283857b262c4a32
Value: 1
a4p.adpartner.pro/ Name: buyeruid_57
Value: c346fa1c-85ef-5365-8260-e916e3a45b60
a4p.adpartner.pro/ Name: buyeruid_47
Value: c346fa1c-85ef-5365-8260-e916e3a45b60
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWHEsndyIwATGVV/ApahyK+BvpwnJsMtYcMAfyQZlSzh
dmpprof.com/ Name: uid
Value: 0b396c07-268e-4eb9-bfd9-c524f8529fe4
.mathtag.com/ Name: uuid
Value: 88d861c4-b277-4d01-b53f-03426797a169
.aidata.io/ Name: __upin
Value: ITx74IxG77A3tJC6tosheA
.aidata.io/ Name: __upints
Value: 1640280695
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.agkn.com/ Name: ab
Value: 0001%3AQavLnwlQj%2Facni3Ko5RSgZfmhvDGIHQP
.admixer.net/ Name: am-uid
Value: eb84922169184661b2e1d60d73212483
.rlcdn.com/ Name: pxrc
Value: CPfkko4GEgUI6AcQABIGCOndKhAA
m.mixadvert.com/ Name: 086ae4465f66aadda78e0cd6cba6c2cd
Value: 438575%2C438579%2C438578
m.mixadvert.com/ Name: 8c7239b3698670cc11540a0d8f9b4062
Value: 1
.betweendigital.com/ Name: ut
Value: YcSydwAL7rB0e5YZXWM4D6jaF5ovQOPuyypFuA==
a4p.adpartner.pro/ Name: buyeruid_63
Value: 9d1ce262-7825-4934-6beb-fc89cdecedda
a4p.adpartner.pro/ Name: buyeruid_55
Value: 0100007F76B2C4610908F32C0287C49E
a4p.adpartner.pro/ Name: buyeruid_64
Value: b762eb0d-af82-4898-764b-f12d06ff842d
a4p.adpartner.pro/ Name: buyeruid_53
Value: 0100007F76B2C4610908F32C0287C49E
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 72F61D6D-C5E0-4107-8CF4-516234299E54
.rlcdn.com/ Name: rlas3
Value: hXTUdNOipI86i74gZDs0DJKhMJOA32C0jOmDh5FpZAM=
.quantserve.com/ Name: d
Value: ED4BCQGDJYEA
.quantserve.com/ Name: mc
Value: 61c4b278-1524a-93966-90748
dmpprof.com/ Name: enrich_data_v2_5
Value: 1640280696
.casalemedia.com/ Name: CMID
Value: YcSyePD8.jF4QUXje84TRAAA
.casalemedia.com/ Name: CMPS
Value: 5203
.hit.gemius.pl/ Name: Gtest
Value: KlSrBRXGQMGGHkKEVXaYm3sissGMXP8cXRbG
.hit.gemius.pl/ Name: Gdyn
Value: KlxVqRGGQMGGHkKEVXaYm3sissGMXP8cX8ySssX6nsGfGSfeH72xxjGoxcxSY8CBI8l8MG..
.casalemedia.com/ Name: CMPRO
Value: 1190
.casalemedia.com/ Name: CMST
Value: YcSyeGHEsngA
m.mixadvert.com/ Name: 3aa58fa137326730c9794aef98b2f5f6
Value: 1
m.mixadvert.com/ Name: 04f6c5f945332ec7286bd2b25d3f10cc
Value: 438575%2C438579%2C438578
dprof.site/ Name: uid
Value: 0b396c07-268e-4eb9-bfd9-c524f8529fe4
.medialead.de/ Name: trscj
Value: MTY0MDI4MDY5NnxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRNekJoTjJSbU9HUmxaR0UwWVdFMlAzTjFZbWxrUFRjMU1UQXhOREF3TVRZeE9UazBNakF3T1RVeE16a3pNREV4T0RFM01ERXdKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2
.doubleclick.net/ Name: DSID
Value: NO_DATA
.awin1.com/ Name: awpv14098
Value: 296283|1640280696|2e1d4110-6416-11ec-ae0b-2238728762ca
.innovid.com/ Name: uuid
Value: 977ff4e4-a95d-4e60-8dca-89a5a41845da-20211223 12:31:36
.agkn.com/ Name: u
Value: C|0CEApV273KVdu-AAAAAADAQ13AQIAAQpAAAAAAA
pb.media01.eu/ Name: ASP.NET_SessionId
Value: gwmyl4bndxb5pxtnx303vcv1
pb.media01.eu/ Name: DTU
Value: 73E97D0FCE432A3F7E6156FF0DC9F8F8
.e.dlx.addthis.com/ Name: na_tc
Value: Y
servicer.mgid.com/ Name: __mglb
Value: ed02bb11b748a9279413c1eb8e47c448
newsyou.info/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1122348%22%3A%7B%22page%22%3A1%2C%22time%22%3A1640280696913%7D%2C%22C1024868%22%3A%7B%22page%22%3A1%2C%22time%22%3A1640280696984%7D%2C%22C1146775%22%3A%7B%22page%22%3A1%2C%22time%22%3A1640280696987%7D%7D
.addthis.com/ Name: na_id
Value: 2021122317313600016069278388
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 61c4b278366e6e2d
.addthis.com/ Name: ouid
Value: 61c4b2780001c7497ca4e50b4d902f5565a4d1e3fbc207bc0161
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20211223
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.awin1.com/ Name: awpv10679
Value: 412871|1640280697|2e57b201-6416-11ec-9cab-2239e6ba3d41
.bidswitch.net/ Name: c
Value: 1640280697
.bidswitch.net/ Name: tuuid_lu
Value: 1640280697
.bidswitch.net/ Name: tuuid
Value: e8feb77e-2d20-41f4-af93-fe34fde72e1d
.e-volution.ai/ Name: v_usr
Value: 6f935471-9505-401f-9108-caf02bbe5fa3
.zeotap.com/ Name: zc
Value: 4ae66c16-9169-4dcf-5bce-81c53f667c54
.lead-alliance.net/ Name: ppv1226
Value: 2021122318313760669264945X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth
.360yield.com/ Name: tuuid
Value: 09377480-01dc-4aa3-b22d-98e4a1bc3421
.360yield.com/ Name: tuuid_lu
Value: 1640280697
.awin1.com/ Name: awpv11938
Value: 412871|1640280697|2e634ac0-6416-11ec-92b1-22382f8dc9cc
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.adsrvr.org/ Name: TDID
Value: b4794f3a-aa96-44fd-8779-db95e1958bc3
.idealmedia.io/ Name: muidn
Value: lbnywjYylQv9
www.lead-alliance.net/ Name: PHPSESSID
Value: 65slaupj7me41pd7mbbm11bg3d
.lead-alliance.net/ Name: ppv1225
Value: 2021122318313760669264967X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth
.lentainform.com/ Name: muidn
Value: lbnywjYylQv9
.creativecdn.com/ Name: u
Value: TYYGTk8kpRtwKIwlBwe6
.creativecdn.com/ Name: ts
Value: 1640280697
.erne.co/ Name: u
Value: OIKxbq2drT3AbbjbieooYB_b
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwimhKnbmZGjOhAFOAE.
.smartadserver.com/ Name: pid
Value: 907533672312298459
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1640280697_2e634ac0-6416-11ec-92b1-22382f8dc9cc%22%2C%22sp%22%3A%22awin%22%7D
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY0MDI4MDY5N3ZsZWExZGUyMDIxMTIyMzE4MzEzNzYwNjY5MjY0OTQzWDExNzY3OVYxMjI2MTMyNzAyTVNvbmVpZGJ3cVRRZllac3hnS2hZSGJIenRLdHd3OFV4VEpUSlBTSm9uZWlkX19hc3VpZEdDYklQa29MV1g0c1RoUUp4aGtvWDdnb1M0aG11RGVhYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzY3OQ
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY4MDAwMDAwMDA2MTY0MDI4MDY5N3ZsZWExZGUyMDIxMTIyMzE4MzEzNzYwNjY5MjY0OTQ5WDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZFBKNEhCZkViYWJLNzl0OUhqSGJ0TXRQUGdTWlQ5VGtHQ3BvbmVpZF9fYXN1aWRUaURtc01zaWVBWkFpSUU0NmhCNTF1aGFFVF9kZmRpY2FzdWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g0M19Ub3BSb3RhTW9udGgxMTM3NTI
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313760669264943X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidGCbIPkoLWX4sThQJxhkoX7goS4hmuDeaasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313760669264949X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidTiDmsMsieAZAiIE46hB51uhaET_dfdicasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.mfadsrvr.com/ Name: tuuid
Value: 0038314a-ff12-41d1-a240-2e066dd288ad
.mfadsrvr.com/ Name: c
Value: 1640280697
.mfadsrvr.com/ Name: tuuid_lu
Value: 1640280697
.mfadsrvr.com/ Name: ssh
Value: !mgid,1640280697
cm.mgid.com/ Name: mg_sync
Value: {"287839":1640280698,"501037":1640280697}
.adriver.ru/ Name: cid
Value: A_dV2WCRLm88jnH7aIi8_bg

3 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9496.BaFwk9JnTfvtSX_ObjWcqFq_NxpfJQ4lFoe8v6QLrya-piB9bVNA94E-SE3Qcr-myGPfO0_qDbg1ewfIarFvow%2C%2C.6lZ-SPyqk8I0R3bPQk7O1vRD21o%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_push=AYg5qPL0qY0H9uE0ooqSZGZoo7MG7w_-44SmsW31FMEbL5KlZ-xvdWee5Ww0krPp1LjL-RLfu3_wWEw8eFq_xiYFRxd5VPzg9Qhf67lehcXsJpuWQElGWHomObd4BdwO5iJxRECoxfIo0ZCfSKQu0rCL2w&google_gid=CAESEIep3et5cnjBCpiZwIHC3VA
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyePD8-jF4QUXje84TRAAABKYAAAIB&google_cver=1&google_gid=CAESEG6WaStWBjRt8_nIm5eH7q8&google_push=AYg5qPJ8CSNkm743D_JgR3pYqxEMzdkwcwnpKZ0VNebaOfuz0gp1FUYcVengQfrOFhDD0XsiTpJjMKmii6c0_Qh1mzcftDkBPXQ_xL8ECa6dzEB5D9yM-FKgrm1m_0DrI9gdGzLD-J6xDSIa_sTi8r4BVg
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a4p.adpartner.pro
acint.net
ad-server.eu
ad.360yield.com
ad.adriver.ru
ad.doubleclick.net
ad4m.at
ads.betweendigital.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.mgid.com
calculator.codes
cat.nl.eu.criteo.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.quantserve.com
connect.facebook.net
counter.yadro.ru
creativecdn.com
csm.eu.criteo.net
d.agkn.com
data.24smi.net
dm.hybrid.ai
dmpprof.com
dprof.site
dsp-trk.eskimi.com
e.dlx.addthis.com
eus.rubiconproject.com
exchange.buzzoola.com
fcgi4.gnezdo.ru
fcgi5.gnezdo.ru
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
guepslka.com
hal9000.redintelligence.net
hal900010.redintelligence.net
i.i.ua
i.mixadvert.com
id.rlcdn.com
image6.pubmatic.com
img.adpartner.pro
img.servestatic.net
inv-nets.admixer.net
jsc.mgid.com
jsn.24smi.net
loadercdn.net
m.mixadvert.com
m.trafmag.com
match.adsrvr.org
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mixadvert.com
mwzeom.zeotap.com
news.2xclick.ru
news.gnezdo.ru
newsyou.info
ocmurc.com
openfpcdn.io
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pb.media01.eu
pix.eu.criteo.net
pixel-us-west.rubiconproject.com
pixel.everesttech.net
pixel.mathtag.com
pixel.rubiconproject.com
portal.blau.de
portal.o2online.de
ppvesdfiojol.com
prod-rtb.ad4mat.net
prodmp.ru
pv.medialead.de
px.adhigh.net
pxksnymto.ru
r.i.ua
recreativ.ru
rtb-usw.mfadsrvr.com
rtb.nl.eu.criteo.com
rtb.openx.net
s-img.mgid.com
s.adtelligent.com
s.uuidksinc.net
s.zmctrack.net
secure-assets.rubiconproject.com
servicer.mgid.com
ssbsync.smartadserver.com
ssp-rtb.sape.ru
static-de.ad4mat.net
static.criteo.net
sync.1rx.io
sync.adtelligent.com
sync.e-volution.ai
t.trafmag.com
tags.mathtag.com
telegram.im
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
utarget.ru
vcmjf535tx.ru
www.acint.net
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
x01.aidata.io
zn3.2xclick.ru
cm.g.doubleclick.net
sync.adtelligent.com
104.109.78.125
104.111.215.191
104.111.239.217
104.16.199.73
104.19.132.78
104.19.135.78
104.19.217.61
109.206.161.21
136.243.84.75
138.201.63.145
142.250.184.198
142.250.185.66
143.204.98.58
143.204.98.61
144.76.118.233
145.239.108.234
145.239.193.130
146.0.227.110
146.59.44.106
147.135.189.55
148.251.139.77
159.69.74.7
165.22.198.175
172.217.18.98
178.250.0.139
178.250.2.148
178.250.2.150
18.195.128.93
18.196.159.27
185.148.37.26
185.148.37.79
185.184.8.65
185.187.81.41
185.248.101.21
185.29.134.249
185.64.190.78
185.86.138.120
193.106.92.202
193.200.65.18
193.200.65.5
193.200.65.6
193.232.150.148
195.201.243.71
195.209.108.46
2.18.233.201
2.19.35.65
213.19.147.44
217.65.2.150
217.67.179.205
2600:1901:0:76b9::
2600:1f18:445b:903:c624:a695:f9d2:6242
2606:4700:10::6816:284a
2606:4700:10::ac43:db6
2606:4700:20::681a:34
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700::6810:135e
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a02:2638:1::11
2a02:2638:1::2
2a02:2638:1::3
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.248.87.88
3.33.220.150
31.220.27.134
34.120.139.69
35.186.253.211
35.212.212.222
35.244.174.68
37.18.16.16
46.236.13.147
46.4.10.47
46.4.121.26
52.31.83.126
54.154.122.160
54.76.176.197
62.76.25.27
69.173.144.138
69.173.144.139
77.123.132.26
77.123.132.42
78.46.85.162
79.137.69.120
79.171.117.17
8.39.36.141
80.211.42.243
82.113.101.132
82.113.101.236
82.192.82.4
84.200.5.215
85.192.12.170
85.192.12.174
87.98.128.108
88.198.250.30
88.212.201.198
88.99.63.132
89.108.119.28
91.198.36.16
91.198.36.78
93.95.100.117
93.95.102.105
94.23.153.171
96.46.186.57
00c2021bdac59d8348ce96f8eda3d24c9d1d99d6c60f63e020c6567e39078d11
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
01fc60c1d200f53aee72e8063192aaa53443dcdd7fc6d77038dbbcad76b5989e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03f2a36140bb0fcd71f5997bef76bcfc187184b0efbd7cfc40dc1143563fb865
0420356b719515bc78a170da39949be8b906e66ad95c7a99b1d921787801802b
04300bcea7f70d5d71255ce0ec0d8f66c4c69aa81c3552087e56bb7cdd47d4f5
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
0667c9b68ef073ed98e3e67e7826cb617f7f04d6d253193afda8a8729e63ea3f
06f30235522cd456e8b6d72ee66ae4897d07afdf3df24cf30121714a793e2157
0769a620ccba5a6119e7c4ac2c741513c0e5c20d1c13001caca6d838be89c8d1
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a4ee12a6285a20bd09b9b9f2c7970f73b5252f6fccf555abdd44528daa9d211
0ad9efa7148c3b033e0430aa47c0d7279c5fb9ae699f34cc794b361bc96171cd
0b033515b1023d80f80ee227136cf5509f6e5b66bb39450ddafa1d1bb5b2acab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd9a9b7c90289f6dbb870b609765d8a5a8bec9b5150f7b866f47f63c7cd1cbd
0d8d71bdcae968558d46992970999923a5644067497dc156f3f888f517a58b9e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f7a09758c87bf055b26c9f4c588f5357e3214be18019d43d531818369816e8b
0f7dd7f1fa44944d0c4bafa399cf20f34f48d391f9e7438b84b068cba16f07d3
102d451d3fe5a515dd1993a986982ffca812f0fd10b27a16c70b31dd6020683c
11e0e48a5c430b94f62759c5bacfa98795b8f6c5646e01c95b5b8f13f3e4e639
138bec58cfd65720c14272d5aed343b949207725edd5f676bdcd9bb092c963f0
13b27ee96d7a7b149498096559d8fe698df418133ea50f446ba9bc9f94dba730
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1940b7ca414417d344c0a3f22e2cb27873b399224c321d4bb3c38862e543a1db
199219a286886204cb63366914c6e1e1a29cae3626805565499868d088ace98c
1b86d8c739c9f3e1ecfde56ea85f699ebeb53a6d576523828150c147bb11f54e
1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
1e98a3ede349fecfd14a4b6cefad84f9b31076e53f30fb2bbb63adcd54f0f64f
1ed1d1cb8623bf3167e5cbb2b7c30b8d26f243976ee9f6788d34a4e4b2de3d83
1f55ab848addef247470244b0789d526b9f97a8a8077acbb4c4c969f01d024c2
208072788ec5d30485f0dffebe5d452db27745a9395d1eccb9af4fceeb293ad1
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
236243c905396b497287c2eecea91eee817997f903a12b28c84e047616346cfe
23c457922f48e6e7385c0f6752ef457269b4e82fe464e643c68c295679ed858a
24de5f276c60a4b76f5f218bf89a52232327024967c9ac4848e8385d0cf99e98
25518d2c841e59dec58e64b57333fbd2640ace7042fe584dc19649690e14272f
25dbd39df1e62557d9b10c52ae5ab5d8b54ae40de0fca8572f88f41f11675e2a
26cf4453783f0965a47a2281abec28445f27f8ff34d33dd47528706dd4de10bb
27643e651751bd6c2cbe1350d6336dd8cc807049b14bdecd4620d7e1afd010ad
2792408224dde6373f1778228a05505a2a36913137c920af418594c08133fd0a
28c3b24f87d5f92b9674f8f01f11fb31a3e68538ea483ac9812986bb8b8d9294
28d4bd1f035e957aaa00531c44df5cf7b802ae9235261ed370510fdd1743a52b
298d707012ffc9b53afd4f2373df0efe7daed45d1cf1ac1648e9455a3b3675f0
29cfafc91ce129ba6f93b1ad97f427892ace1e1e5226141bbab61d89fa85b590
29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77
2a07ea8397d43520ddd513cea7b5b94fe4dfcbe70f6952f891f48750d9f55ac9
2a8ce07b19c6bc8278de07de3f720d8e796698d19c30d8e10ed19084354639c7
2b678f0f6e81d299144c8c356bfc6a9d78709cd344aa1996b82a6a27b62925c8
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2d985649d1d2e56127d13a5d1aba67f2fa6e1d18c142b577bb674941e960aad2
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
306eb5d258e02b405f7ee24f144a4964207f46d1d09843787151a79a26f1d4ee
3117ef8de99c385baec23e1ff509a1cbdb1efec22548af8218108e58a9669216
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31e8033a51a43be504de530158a1237d9803c11fec26555b4c5ad1505ccf422d
321456ef8ddd049980ddcee8a96bc9892d8d17e8e0eee70221b1f756f09f000b
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357
34c3efc77df977d35738ee6cf92152d49ba78ee0dcaa6fd4e09b5e8ee72d7ce7
3504a8a26e685ad04cd1fe2574629e035f290b23777f893eae5967a4367361ab
350f32aef8403d42a781f16b508cb9a894617b48aa2732795f57e102375af097
35c437852d1e5992974848978d8a089a8b5adfa6ea459b9181d8046164b38028
368f12a10a00c1967ab63087a3bc15beb8115628542bc5491a1574edbbaf02f6
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3a2eec023adc8c05274eed54b4443f2a95502bba843fe0685313d992785f7c6e
3a2f41c9aa70062c58f679c2038f0adbdd2a6668d761ca698d2e1e4d41e9d840
3c6026f564d0353e7a94d94a6b91a3e19c127b4170fb46da20056845fd9c36ba
3ddfc996b5b196ee104c980e24d4a4183b3224352b1f9d5ead255019e1205d8c
3e98125694d9931deddc26813896339026c50c64573e32a896c6e2ae6d8d4db0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb4db2e6c27e9a8a54e3a1d233f47265a21634f8021c4f750578e5af7f2c590
3ef2df70fb969b54f937f8840677fd07fb06e6d1438418ef7132e48c9464ab7d
3fb03c5889929639808be7ec57fdcac0a13e2bc5de31ac48723aeca4c2ff246e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b41a360bc2bc928786159e33f72611bb5cf22ed48877f2d0861d19db16fc31
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d
41217f510ab18798464ae7ea2fd8b6242d185ea80c11f55f013e3e115546e8a8
417fd63c23a7c6e249b54002e965c6d3eda19e06b84a4ae80e226021ed2ac9a6
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
42f1001a0d21e42b0a40b9ff231b0ba95c48b4fd2fa21d3e4f1aba15e202b018
43db0a6ec2ef25a0e6ea75134043dcaf5e0051284d145aa7feb29fc8044fdece
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
4753f90bdfdad30a348172526d878688da5f17f2798d68349c1e361114ce8378
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a6088f1d9548bd997ca79a98e86ffee75f986c0542ea79449988a200560f250
4ac318b1433cec61648ac7592a818153258dbbff724264b2671b42c545ca848e
4af9d6205e6e709dfff2aed32006a5ad62a2c730b7e43d8a0968a718b69c75c9
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4c141ae90007078a4882d940070831acc1fa3275a6aa4231dcac3c477b8ff555
4c30eee60ba36b2c89b60ea23673a73eb2a8a30d6785b76594cee6a75a583ba0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50787a7684b4c3b017af0d1f754e97969bdd6cf20bf2d59e81d614dccc916c84
5349d4b7f9104cb6f901a952a12c420891fbef4ce8a02e3b9e72e834316aaa4b
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
541d03f0470bba810e51fa31198f6808a12994b1b83d40a65ab408e95dd8cbf1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55306872269e2f1b8b7df1b131017007577c4b4ae361f9c1e3cc0118e0e29b1e
569e1ba04a98aca294d4d0a2b67e92de6cb19c2e4ab1dbf0c29330ad2de9f913
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
578b130d8727e233ece4772e7fd7680c22d200c00c76135d141a9ce2327f9126
584cef30c8b0276d0fa2b0a7999ca5eb2de381f83546601106665e47d538f23c
59503ee4a006b3075f5817e3740635657a43294b6ce47fc281c267b2c9dbf817
59ee8fd5028e981f3ed0dca3bdb7731edae699f1652f23769a9ba59a27f4d407
5b06ee01d8eb8047e4ecc27700dc2ee9434a5a4189d89adcf9b69fb8165ae931
5b185dd40d4ba895e3f8afae356188fdc6d199d58c0b8488c78017e1ab678807
5b5b7eda2900c6316c5c4b842a5928ad0290246bdd278c5d8970a38252c7b666
5ba9d72a3a2306becbc032d8d2777fa548e0c090e5261785922ce65e09ad0008
5bff660e8f15538b807c492c8b9b44531a82ec4d905604ac6ccda4ed97e119d7
5c6e1a83304838097545a1ef48c04d539f7c04d75d8b081fbe10618b0c1948b6
5cd40fe604b58b6d0f2fd44e5fcc9423a943051aedfc3d44aeac6612dd7e2050
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
61b194599cc1cd5be6ab8d8279e48c958f9b93a6836a0557d0730153d145aad4
62c9183ace7ffb179b0dcfe1b88a807e6bc9a649eb6dd0936b7ba94528524929
6385d0db2c1e5c55693845dadc929a3ce076c20198add4f6a19ac7efc2ad85b3
640326025d71b72e26143c8c6a675e93fe1f91e30546465dd0a66ec79a9423fb
6425d583bdb475a9100b37e8eb8e1d4b7a99d7cd65d451a049ee0c10653b6b68
6509d331bbab21ad2b43f245d878bd50a881a07ae93bf215b106b228280d7a3f
65e9d70642df19826ba8fb175c28918de2b18761305cd798a9d3a6ee5cad2bdf
6804acce8caf4034e76ca17282755c64641e3d54ae4c7f6218d059d076cb9e22
69e7791a1772852a0d705ef8dd343046b2fcc2c67254dc74b99b417f43f8a527
6ad1077fcd48f19ff1f4eb531dded7d99577c219f699404da619b22a4a81dfad
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0
6c20ebe7f71ab5d3576cda01715364f9c8ee295cf56251837aa794ce2e21bed5
6eb1d97374d7d109c419a5b5d30eb49e6e57095ceea9e60945301a0d359b32cf
6fd74ae9cdfbab7675d4661239ae5bc58958af25b1127247ffb5b9a979c4de9b
70babc629aa0ea4fc0d01dd6ae705578853f3fd86c31c495fd561bde95bcb3ac
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
72eb47be0de224add691e0ad18bf8ff3decae4be687d16893ae7bf2be0759fed
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
786fee4f218168667336172b2193b3cb92dbfb87954c308883b7d1f61f859eee
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7aa01b65ddab63af081b179c28164c663a40e042b2ba1fed2644ee6f9d2a211d
7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235
7bea74a8949fb8732fcd7fa98dc7f441dde603024aa79ddd781521c85dd33b93
7cf80ccd052f402f68de97783975f374f2cb19f772b95bbcea5241b87370449b
7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7
7d7dea60fa923ab7d7120f0c2e05888e781939006d0777b63ef9148ebdd623f2
7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac
7e436efe4ae1cd0ebb3e5fef30ea54de8151e1dfabd9cdc0abe1b87e7b216183
7f26214d8975f1237fe74617e0599689ffe0daceb0b78ca7f27b8cacd005dbbc
82c3ed6ff4ab2a922e388aa0ae0894d86036393ebff63f2e7e74efa9f708cad5
83927a60099c70a47fad6b301c4856d8d50dcd99e1183171946c52bf662640c4
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
847da1bce1ce13aff703a5924ccec21251bc5310a3904d57f5dcc1b8300726c4
84d565061e82749bb38cc4a7c70297d3bf134a3074aff197428cb143ba75cacd
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
86c269f58ff013e4c961ae50583e44adfd794f0d415030a549cf2f92db0295b3
8773f887e6d0472f166df5c8d38f43a81ac55d5174ebdd9f5d9fb6e53961fa8e
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
887141ac69ccb8ecfaddb08bf1a9c90e7e29b95e6e922517d3e0361c9cec48da
8a19d5065354bc8a69d35fae71d9f5712f927c27821f171872e8356f1a6e2186
8a7730dd4f55ea46d4c0672d9203179247141f55b500a8e0099c7a4375b1a362
8b5151f751716f242c467581a71083a097f87a2a7d2152987055651f13528729
8b61496a1ad0e557fdc39e4f6d8bedbf38aed4bfade3983372e751c17b9859f1
8b659f72017df1d6cdc07307be915ec445d7640648eda9f055cffa10dafdc722
8bdb1dace4c698b2c5709101a6d7a66d27abdede35d4d6b5246db6e670181478
8c24ca4d0934a5664764ef8f8f993f90089902be399096f7c6b6e0dae726df08
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8dc3b246bdd50fb0e58757d0ea57926403274d2ac4a13ed41b6271a2a8c497d9
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8dde8e6be39defec247a6d4a75622476361bbedceff6348e5404634b97b03f6c
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eee10de3af2de329d7a0577d3de2f592bb0f49c3255ec09a3876278be01d10f
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
92a4ace178b9880e54fe71790e6b7befa4de00f42185bee30a00d6754bc36b42
93295644da9af673ecf074ce2a3962f685662b6f69c498a77a37e4708b84ce5b
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
949f05030fd340fb981e2c4acdcdc097aa193ce2ee496e6086d8832d55cd16dc
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
96365d0efa97cf43a947425785b2bad3f7eb518f6222143d2674cbf29fe92d3a
970f5f199c6b477b36003203a8abf5af633597657283492e2a20fc793cbdd451
986036fffea7b52937718badd063cc28a6da29792e6df5c0176b302008928381
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2482b49eeec2285421eb05c8976eb56ca2daf30bf6295182eccb429a26bb2c
9b2e4e684cdadbc294776f003aca54c0b210adabebaf526e8a8201b8846c9a45
9bfebde0017c5419bdd355f8354c91dbb3277fb434984c88e477feec671f8e53
9c35193949a32f80d5ab143da9bcc64c48718548faa26de483421a9d3edccf41
9cd468de1b3f191ce31ba0140320da8e72be548b026f02c20c23c74b1b54bde9
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
9eec64368167047f9d996ee210b6d3bb01980aabadd30d0c9a65c6ed78bbd35e
9fd72153ba3e8a36d7e6a93d9bd5acb61f8f1cde905b95955a10761aa7e3636d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a8aafea7c182cd50d239de71da565129cb1110563f5c87ede4f0bdd740008f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3cd1ab9bf1c53e0373def39a5a268ebda09c54929eeb952582b0a4a394b7559
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84e073be90f3b8a06645947c17b4059cc3e2930c96661210e19504efb706331
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa6f4107b5a29a1b3d1e0fb085191dcd7d8bb9497ae061d1e1304abd20891f86
ab7f5fb6e115b876ef20135c70d52904596972ca2e9cae1c9379c851480e8e92
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
adc8fc28b66827d96a76ac5be9c44ccea9d61249418820bedd9092c16775ac3a
ae07ae363826bb4478d2028eebbf5b01267fa4afa9af5aec85e00ac13c3e8736
b0e5467938f7f0522b3d3943015cc3e72a0ec70f5e6bb0e33550f50b5d398f59
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15cd9beb3bdcdda04248a93336758e6cc23267c4dacff7f0a3c05d9abc5f7bd
b1d8189f87b428e1e35303478ce05cf5100756c6deaf1e8517be0c2d5554c87c
b267a4cc065aca882faaa89c18de0dbf47ed477b17aa66cb4e7b0a7ec0500de8
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60
b6d89e3b5fe9105c2adc070949d5b9f61a63700b8227950e4ea732b1c5699519
b6fe913a3f5837982290959f1648ba92dcb42338fba9332767e313e11ad45a85
b8d4a996cd3141d27eaf60e1705f6ce137cc85b836ee05f0bad4aecf7ee5a821
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
bacf5d2cdcb9e75599240481a7a703be7aacb54e21cd79eca6f911e1654b546f
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd1921065dc2b974eeba17a2617c121528af4dcab92c688db4d249f4aeca802a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bff6fe2953477c19b112787a90875cba98f8fc5204e4c455fa3a70f700188269
c1886d63d3c5161dd67737d6fcc76e041f04ef3e391515b27fa7aa876c6e2e5e
c204114b876a9686bc7ed4d2cf1c5afb633128d28d9297076c46133531cbae0d
c29fb37699996df1d4eb577635c7e9a2b159abf4e95fd99101ddd20f421f5d63
c47059aea1c35a75cce187a3921d7f7da3a2947879b6b6b4fce5fb1abab844b6
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c71cfdc5d8624558e2cc670a0dfacfca40f7bafd4f1393ed067e4e381ad8e6e5
c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251
c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a
c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
ca7c482e345c1343ac3fe3af5451649296a8462b4fe9435e9bd61d44eb6a4593
cc17d109139a33b161c661f209fc503ee7fcf8f7ebbbf3aaf535ed0ab2b8cc89
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccd0d28962618c48f75fc894dde961d87f9bf9c1a45ed23e0ffc27eabcad7bcd
ccd46c5ca19a18ec6504ec8c7e9ecb27845853792245840b4dd98dca12f58d10
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
cd919786e58a29bed6ae038fd3e7f514232525798fc80a3d1127a5d6c5c103f4
cdc6a672e24d84d0277383399879fb8a1d6e02cf7f1fab4fe2a31aa173ad9faf
ce452421ffc53808c61795729eef02db9132d6d2cbc68198b158dce56b519272
ceaae9923dca5b17e98396a3ed20b875f581afe2aa92f7d01a01d03b393017c8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf971a227184a2fdbcca8db8f596b2a9b762d62cf724d90172918256740cf381
cfae65b85a72acd4fd82671bd789f5084acf61084009b01002f55e9bc08c3344
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d18621f7385067fcfd7ddf9af42da75c9026a0d74be6db9580f5fbe6bf73dbce
d413187e7fd42a10ac03e4b166868be0fc8d0f38ed81e354de3f5176a29ef990
d451478e68967318296d36228990231513bc7f5e5de8c11d825f8061a4e5e6cd
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d5dc3810d345b69ede6455734f4efcd13ed56b902668192e7d2004c171591a8b
d7539ef548210868612bba6365bca43dd2124c1b29a8c660172d03f7ed1ee0c4
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544
d98786d0d1f2ea3270d27f459db6be4a334c26b364e79f8f0d106c274aac2200
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
d9e1de019570ba0759135ee12ae95a92ed6f998375519af0cdb5753de3942393
da1e74368e78e83e3221b15e594aef23d53e09525633b219ef6575dafa493233
da5ddae929f113095ffc207a7df0dc6db73ee540210bc96dad5ef05590d17e4d
db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114
dbe0cf6b50ec23fd38afc516f0b26906780ec018276247a735f51a47a7aa76fb
dc818d92e32209d5dd493a8bf45b2b9fc8c17507307495b4504fc8a49923d1c5
dce6169b13b7d466050667fede8ba075dcdbefc6d9c93d68f2aaa52a96fc82c6
dcef382a4547d738320c7996e39f670fbc8ac42cb5e877499ba92dfd4bf5bdcb
dfe0de6e117fe3ddc32d7d5bc796bc279a336a4a70f8236eb9a45f743fad8e6f
e056e4965ecd124218ac2df2eb25777aceabaf2aa0b9a4149be67a83f833db65
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e0f6416dc40f594e5bf75a059332dcd8cb08eb7d5646d504dc9d091a02b93d67
e14abf506055d90555ee729a25c42a62a6a83c6435fbe9f22342e14195eaed6f
e27c0029d10a1e1f9cab0a62de8a97db68b463667a89f75576ef8ef1a848e675
e291ed40643750d88bbbf8739b9ebfecc7acb5103731bb0fb1710947fff724a6
e3a4032a23d7f94be7a6b3199fc6e227d8933d280fc0d3d3d842117a61a7dc94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e461f1fc8c8c579ce2cfd14d323e118b437217a5deedd3d7e59e0a9d7e944b1c
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e75ed43041906d7a1a30057773711c90085183a5f4563f5279cfb0519a3c4ed8
e8bcbffbb8d6c67382224ce3dcc606693d1ffe08545805c167be22f9f0ab12fa
e8e57e40e378e737e9282a9277113181f7732e6e318191b730f96cd98ba59d5c
e96939b42d401676a7ebee230fd34d42f59d5af39aaeeebb257568eacd2b8711
eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449
ebd2aca1b9ec793565b3ff3bf1a8e73280046d73c8676224e3381817e1f98d54
ebe43817c43c329b2bcf2d0c367782a3085ca9afe0134f56c778be2dfc5bd4d2
ebf831c917cc19797fad0a9243ad955a1f6e57183ad27c2ac123cecb29782bd7
ec7d3ddc302a1a34860837b9b1a6a18430872ef585c525b55df2ec708b90ced0
ed5a11894c21c008675badc52c7d06a2b7c37789074ea71fad33c3f449048d1e
ed79ab516c86cb0b3da37d48ebca6f7b1f0b979325cb02db26bf5208cf00dbd9
ee2d9e945ca30545a97d8a54d7e78805bb729ae0eb78f074bf7209e6d2c7256c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01028ffdc46ce6d362f768340c997c6c784bf95a3da4fc2da0c4a30eb65a799
f054bf0870f8a7262d7c6a7c35cb1ceb67823f501c4bf19b8389849fe3cf9838
f0ccb863254d37fdaf0820eec7dd45e2d2aa686332f02231185b1b62973c3bab
f11ae13dba691feaa1cf9096020147ce35fced170384228aef29015882254e44
f12d8196dcb11a8828ab4b9a858face7b9a1a22d306519f31e87279774532f54
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f2645e770f595032c42715c6cc1ebda7cef04e1bf2faadea2b8d5686b34042b1
f2748fdac882bab3f3e1215e9946e0bb4a1b8a1af4c9a6b124e86ceda52ec531
f3039063bdeeddc487f9a6e8f625e1a10c8a37ec37e2707a3a3835aba0fc8686
f30711901769b5fad09214da2177589c15425a1748c77d332334fd15ed7859b9
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39
f4e2f454b3a01ab26e43dfa17826225f9dabdfaa62c3bfd6e5defeba152b8b36
f4fcea89d430967c0e79d7d860cdc150b8171e52f55b2455509535a9c7d5290a
f520c872f513643d36ea77f3683d6a814d16ee031c43542aaa1e5c7e058a12a7
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f77b2643024ca1763872e531b8d8887754aad1dc313991c4584bda127ef29dc1
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f8dc66a646d00dcaa6a2204e194a8b209b9c5bbf6251b4f93b9824c62ab51317
f9fe0c390cecd08fd45fa296fdc6c9b428542130a36c0fce7c45cd7ba4479307
fa937297be403dd6a9e33a4b8384e9870dcbd1428872a5417c0be488b296bc80
fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
fd42eb21f950a6ebd0e3eb2b9194232ddb6e1421fab1503b03a6d16a7476aecc
fd45004fca6b330555adc2a59a55b8f48d17f05570165acafa1175cc9970ca1e
ff6a461b243e5cd8eeaee5cc411fa1e68351f11c387e3271928ee4fd6e55c8e7
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914