urlscan.io logo urlscan.io
SecurityTrails logo

newsyou.info Open in urlscan Pro
185.248.101.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Effective URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Submission: On January 27 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 13 countries across 100 domains to perform 676 HTTP transactions. The main IP is 185.248.101.21, located in Russian Federation and belongs to IPSERVER-RU-NET Fiord, RU. The main domain is newsyou.info. The Cisco Umbrella rank of the primary domain is 790823.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 23rd 2021. Valid for: a year.
This is the only time newsyou.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
42 185.248.101.21 44812 (IPSERVER-...)
22 2a00:1450:400... 15169 (GOOGLE)
2 85.192.12.169 12695 (DINET-AS)
32 62.76.25.27 61400 (NETRACK-AS)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
1 104.248.199.158 14061 (DIGITALOC...)
1 193.29.200.157 197203 (UMHAS)
5 93.95.100.117 48347 (MTW-AS)
23 104.19.135.78 13335 (CLOUDFLAR...)
1 2606:2800:234... 15133 (EDGECAST)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 79.171.117.17 64494 (VARITI-AS)
37 54.38.197.123 16276 (OVH)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 85.192.12.173 12695 (DINET-AS)
13 185.254.189.130 59504 (Hosting v...)
6 80.211.42.243 31034 (ARUBA-ASN)
13 147.135.189.55 16276 (OVH)
2 4 88.212.201.198 39134 (UNITEDNET)
1 1 91.198.36.16 43405 (DIGITAL-V...)
1 91.198.36.78 43405 (DIGITAL-V...)
4 2a00:1450:400... 15169 (GOOGLE)
3 7 2a02:6b8::1:119 208722 (YNDX)
2 193.200.65.18 6681 (GIVEME-CLOUD)
3 34 2a00:1450:400... 15169 (GOOGLE)
2 185.187.81.41 43332 (IDSTRATEG...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
8 37.48.86.87 60781 (LEASEWEB-...)
3 193.106.95.134 48614 (ITSOFT-AS)
1 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
2 18.66.248.76 16509 (AMAZON-02)
1 185.187.81.40 43332 (IDSTRATEG...)
12 185.148.37.79 48347 (MTW-AS)
17 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
9 185.148.37.26 48347 (MTW-AS)
11 145.239.108.234 16276 (OVH)
3 94.23.153.171 16276 (OVH)
1 77.123.132.42 35680 (VOLIA)
1 193.200.65.5 6681 (GIVEME-CLOUD)
2 3 31.220.27.134 39572 (ADVANCEDH...)
1 136.243.84.75 24940 (HETZNER-AS)
1 34.120.139.69 15169 (GOOGLE)
2 3 193.232.148.142 48061 (UMA-TECH-AS)
4 37.18.16.21 205675 (HYBRID-AS)
3 217.65.2.150 29076 (CITYTELEC...)
4 4 46.4.121.26 24940 (HETZNER-AS)
2 2 159.69.74.7 24940 (HETZNER-AS)
2 2 195.201.243.72 24940 (HETZNER-AS)
5 13 188.42.29.166 7979 (SERVERS-COM)
2 2 148.251.156.238 24940 (HETZNER-AS)
25 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 3 89.108.120.68 197695 (AS-REG)
3 93.95.102.105 48347 (MTW-AS)
2 2 81.222.128.16 20597 (ELTEL-AS)
2 5 2a00:1450:400... 15169 (GOOGLE)
1 109.206.161.114 50245 (SERVEREL-AS)
2 54.145.145.202 14618 (AMAZON-AES)
1 188.42.191.196 7979 (SERVERS-COM)
2 151.236.71.19 204720 (CDNETWORKS)
2 2600:9000:225... 16509 (AMAZON-02)
1 2a0a:51c0:0:1... 48314 (IP-PROJECTS)
5 2600:1901:0:7... 15169 (GOOGLE)
70 2606:4700:303... 13335 (CLOUDFLAR...)
14 178.250.2.135 44788 (ASN-CRITE...)
2 178.250.2.148 44788 (ASN-CRITE...)
4 2a02:2638:1::2 44788 (ASN-CRITE...)
2 2a02:2638::18 44788 (ASN-CRITE...)
1 2 2a02:cb40:200... 20546 (SOPRADO-ANY)
1 116.203.103.102 24940 (HETZNER-AS)
1 93.90.198.147 8560 (IONOS-AS ...)
8 8 35.211.178.172 19527 (GOOGLE-2)
2 2 185.29.132.241 30419 (MEDIAMATH...)
2 2 63.251.86.51 10913 (INTERNAP-BLK)
7 7 31.172.81.159 44066 (DE-FIRSTC...)
3 3 31.172.81.172 44066 (DE-FIRSTC...)
1 2 104.16.201.58 13335 (CLOUDFLAR...)
1 3 2001:6d0:4001... 52016 (TNSMSK-)
5 7 2620:116:800d... 16509 (AMAZON-02)
3 3 3.122.111.84 16509 (AMAZON-02)
1 25 108.177.14.155 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
3 35.186.253.211 15169 (GOOGLE)
5 5 185.64.190.78 62713 (AS-PUBMATIC)
2 3 69.173.144.165 26667 (RUBICONPR...)
1 1 52.210.63.97 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
2 2600:1f14:d24... 16509 (AMAZON-02)
1 1 217.182.200.19 16276 (OVH)
14 2a02:2638:1::3 44788 (ASN-CRITE...)
2 178.250.0.160 44788 (ASN-CRITE...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 18.66.122.23 16509 (AMAZON-02)
6 130.211.115.4 15169 (GOOGLE)
4 178.250.0.162 44788 (ASN-CRITE...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1f14:b4f... 16509 (AMAZON-02)
2 3.213.81.196 14618 (AMAZON-AES)
1 31.172.81.158 44066 (DE-FIRSTC...)
6 85.192.12.174 12695 (DINET-AS)
3 3 145.239.193.130 16276 (OVH)
3 88.198.250.30 24940 (HETZNER-AS)
20 20 84.200.5.215 31400 (ACCELERAT...)
10 88.99.63.132 24940 (HETZNER-AS)
1 2 204.62.13.72 46636 (NATCOWEB)
1 1 198.24.170.53 19437 (SS-ASH)
4 46.236.13.147 12703 (PULSANT-AS)
15 104.19.132.78 13335 (CLOUDFLAR...)
6 217.67.179.205 29226 (MASTERTEL...)
1 95.163.155.37 12695 (DINET-AS)
2 18.66.97.25 16509 (AMAZON-02)
4 54.72.0.164 16509 (AMAZON-02)
1 3 23.37.42.132 16625 (AKAMAI-AS)
1 213.19.162.90 3356 (LEVEL3)
1 2 52.211.218.251 16509 (AMAZON-02)
1 51.75.86.98 16276 (OVH)
1 2 2a02:6b8::90 208722 (YNDX)
1 82.145.213.8 39832 (NO-OPERA)
676 104
42    185.248.101.21 (Russian Federation)

ASN44812 (IPSERVER-RU-NET Fiord, RU)
newsyou.info
22    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    85.192.12.169 (Russian Federation)

ASN12695 (DINET-AS, RU)
5h3oyhv838.com
32    62.76.25.27 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)
pwkvdk.com
8    2606:4700:10::ac43:581 (United States)

ASN13335 (CLOUDFLARENET, US)
jsn.24smi.net
1    104.248.199.158 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
codesbro.com
1    193.29.200.157 (Ukraine)

ASN197203 (UMHAS, UA)
kor.ill.in.ua
5    93.95.100.117 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
news.2xclick.ru
news.gnezdo.ru
23    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
1    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    79.171.117.17 (Russian Federation)

ASN64494 (VARITI-AS, RU)
leokross.com
37    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
2    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    85.192.12.173 (Russian Federation)

ASN12695 (DINET-AS, RU)
pbkqidejmes.ru
pxksnymto.ru
13    185.254.189.130 (Russian Federation)

ASN59504 (Hosting vpsville.ru, RU)
PTR: vps125001.vpsville.ru
video.ridus.ru
6    80.211.42.243 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: host243-42-211-80.serverdedicati.aruba.it
telegram.im
13    147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com
m.mixadvert.com
4    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
1    91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: r.i.ua
r.i.ua
1    91.198.36.78 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: sh02.mi6.kiev.ua
i.i.ua
4    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
2    193.200.65.18 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: utarget.pro
utarget.ru
34    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
adservice.google.de
2    185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zmctrack.net
4    2606:4700:3037::ac43:c78e (United States)

ASN13335 (CLOUDFLARENET, US)
img-light.com
8    37.48.86.87 (Nootdorp, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ns4.24smi.org
data.24smi.net
3    193.106.95.134 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
prodmp.ru
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:401b:803::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
2    18.66.248.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-76.dus51.r.cloudfront.net
openfpcdn.io
1    185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
loadercdn.net
12    185.148.37.79 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi5.gnezdo.ru
17    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
25    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    185.148.37.26 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
zn3.2xclick.ru
11    145.239.108.234 (France)

ASN16276 (OVH, FR)
PTR: d5.mix.storage.badvps.com
i.mixadvert.com
3    94.23.153.171 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: d5.mix.site.badvps.com
mixadvert.com
1    77.123.132.42 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 42.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
3    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    136.243.84.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de
recreativ.ru
1    34.120.139.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.139.120.34.bc.googleusercontent.com
dsp-trk.eskimi.com
3    193.232.148.142 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp3.sender.ltmse.com
px.adhigh.net
4    37.18.16.21 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
3    217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)
match.new-programmatic.com
4    46.4.121.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info
www.acint.net
2    159.69.74.7 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1290151.sapientru.net
ssp-rtb.sape.ru
2    195.201.243.72 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info
acint.net
13    188.42.29.166 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    148.251.156.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.156.251.148.clients.your-server.de
exchange.buzzoola.com
25    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    89.108.120.68 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru
x01.aidata.io
3    93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi4.gnezdo.ru
2    81.222.128.16 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad10.adriver.ru
ad.adriver.ru
5    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    109.206.161.114 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.114.serverel.net
eu-node2.solutionslabkit.com
2    54.145.145.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-145-202.compute-1.amazonaws.com
q.adrta.com
1    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
lbs-eu1.ads.betweendigital.com
2    151.236.71.19 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
2    2600:9000:2250:4e00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
1    2a0a:51c0:0:13d:247::1 (Germany)

ASN48314 (IP-PROJECTS, DE)
ad.bsmartad.net
5    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
70    2606:4700:3039::6815:c086 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
14    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
4    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
2    2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)
t.adcell.com
1    116.203.103.102 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.102.103.203.116.clients.your-server.de
www.juui.de
1    93.90.198.147 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
rtbnote.bsmartdata.com
8    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
7    31.172.81.159 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
3    31.172.81.172 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
2    104.16.201.58 (None, )

ASN13335 (CLOUDFLARENET, US)
pixel.yabidos.com
3    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
www.tns-counter.ru
7    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    3.122.111.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-111-84.eu-central-1.compute.amazonaws.com
d.agkn.com
25    108.177.14.155 (United States)

ASN15169 (GOOGLE, US)
PTR: lt-in-f155.1e100.net
cm.g.doubleclick.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    52.210.63.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-63-97.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    2600:1f14:d24:9302:97b1:15b5:5291:407b (Boardman, United States)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    217.182.200.19 (France)

ASN16276 (OVH, FR)
PTR: gcm5.host.hit.gemius.pl
googlecm.hit.gemius.pl
14    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
4    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
1    18.66.122.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-23.fra60.r.cloudfront.net
pix.adrta.com
6    130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
4    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2606:4700:20::681a:134 (United States)

ASN13335 (CLOUDFLARENET, US)
img.servestatic.net
1    2606:4700::6810:79c3 (United States)

ASN13335 (CLOUDFLARENET, US)
pre.glotgrx.com
1    2600:1f14:b4f:4b03:410a:3d01:94d4:66d5 (Boardman, United States)

ASN16509 (AMAZON-02, US)
ipv6.adrta.com
2    3.213.81.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-81-196.compute-1.amazonaws.com
adrta.com
1    31.172.81.158 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.sniperlog.ru
6    85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)
dmpprof.com
dprof.site
3    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
3    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
20    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
10    88.99.63.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de
partner.o2online.de
partner.blau.de
2    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
1    198.24.170.53 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
4    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
15    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
6    217.67.179.205 (Balashikha, Russian Federation)

ASN29226 (MASTERTEL-AS Moscow, Russia, RU)
PTR: 217-67-179-205.in-addr.mastertelecom.ru
guepslka.com
1    95.163.155.37 (Reutov, Russian Federation)

ASN12695 (DINET-AS, RU)
adsbid-buyout.adghndou0sdh.ru
2    18.66.97.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-25.fra56.r.cloudfront.net
analytics.webgains.io
4    54.72.0.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
api.webgains.io
3    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
1    213.19.162.90 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
2    52.211.218.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-218-251.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
2    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
an.yandex.ru
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
Apex Domain
Subdomains		 Transfer
70 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 2190
ad4m.at — Cisco Umbrella Rank: 1809
assets.ad4m.at — Cisco Umbrella Rank: 34120
2 MB
54 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
135 KB
47 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
458 KB
42 newsyou.info
newsyou.info — Cisco Umbrella Rank: 790823
3 MB
38 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 55182
file.adpartner.pro — Cisco Umbrella Rank: 209193
98 KB
38 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7373
c.mgid.com — Cisco Umbrella Rank: 5668
cdn.mgid.com — Cisco Umbrella Rank: 9908
servicer.mgid.com — Cisco Umbrella Rank: 7619
s-img.mgid.com — Cisco Umbrella Rank: 6584
cm.mgid.com — Cisco Umbrella Rank: 1572
740 KB
32 criteo.net
pix.eu.criteo.net — Cisco Umbrella Rank: 7730
static.criteo.net — Cisco Umbrella Rank: 645
csm.eu.criteo.net — Cisco Umbrella Rank: 7881
972 KB
32 pwkvdk.com
pwkvdk.com
562 KB
27 mixadvert.com
m.mixadvert.com — Cisco Umbrella Rank: 125397
i.mixadvert.com — Cisco Umbrella Rank: 173482
mixadvert.com — Cisco Umbrella Rank: 115993
479 KB
25 gstatic.com
fonts.gstatic.com
506 KB
19 gnezdo.ru
fcgi5.gnezdo.ru — Cisco Umbrella Rank: 113737
news.gnezdo.ru — Cisco Umbrella Rank: 134155
fcgi4.gnezdo.ru — Cisco Umbrella Rank: 76831
33 KB
17 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
11 KB
16 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1818
lbs-eu1.ads.betweendigital.com — Cisco Umbrella Rank: 110784
cache.betweendigital.com — Cisco Umbrella Rank: 19174
29 KB
16 24smi.net
jsn.24smi.net — Cisco Umbrella Rank: 73783
data.24smi.net — Cisco Umbrella Rank: 68670
50 KB
13 ridus.ru
video.ridus.ru
1 MB
10 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 55085
4 KB
10 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 57975
3 KB
10 criteo.com
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10541
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 13370
ads.eu.criteo.com — Cisco Umbrella Rank: 7925
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10834
95 KB
10 2xclick.ru
news.2xclick.ru — Cisco Umbrella Rank: 154273
zn3.2xclick.ru — Cisco Umbrella Rank: 155652
241 KB
9 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 113556
static-de.ad4mat.net — Cisco Umbrella Rank: 151438
15 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
337 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
4 KB
8 ad-score.com
js.ad-score.com — Cisco Umbrella Rank: 8522
data.ad-score.com — Cisco Umbrella Rank: 6597
118 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
1 KB
7 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
eus.rubiconproject.com — Cisco Umbrella Rank: 541
token.rubiconproject.com — Cisco Umbrella Rank: 689
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2741
12 KB
7 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1255
2 KB
7 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 2736
4 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19799
api.webgains.io — Cisco Umbrella Rank: 60455
102 KB
6 guepslka.com
guepslka.com — Cisco Umbrella Rank: 386698
112 KB
6 adrta.com
q.adrta.com — Cisco Umbrella Rank: 2574
pix.adrta.com — Cisco Umbrella Rank: 3492
ipv6.adrta.com — Cisco Umbrella Rank: 2709
adrta.com — Cisco Umbrella Rank: 1804
14 KB
6 acint.net
www.acint.net — Cisco Umbrella Rank: 35385
acint.net — Cisco Umbrella Rank: 28552
2 KB
6 telegram.im
telegram.im — Cisco Umbrella Rank: 258489
21 KB
5 blau.de
partner.blau.de — Cisco Umbrella Rank: 75415
7 KB
5 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 66029
7 KB
5 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 595
2 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 25627
2 KB
4 webgains.com
track.webgains.com — Cisco Umbrella Rank: 44883
55 KB
4 dmpprof.com
dmpprof.com — Cisco Umbrella Rank: 21379
2 KB
4 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 6197
949 B
4 img-light.com
img-light.com — Cisco Umbrella Rank: 336452
52 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2853
an.yandex.ru — Cisco Umbrella Rank: 3286
69 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
59 KB
4 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 8294
3 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
45 KB
3 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 46801
1 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 48812
5 KB
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1548
549 B
3 agkn.com
d.agkn.com — Cisco Umbrella Rank: 529
2 KB
3 tns-counter.ru
www.tns-counter.ru — Cisco Umbrella Rank: 10571
1 KB
3 adsniper.ru
sync3.adsniper.ru — Cisco Umbrella Rank: 12418
2 KB
3 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 13701
1 KB
3 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 48668
645 B
3 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 10726
1 KB
3 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11367
672 B
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
1 KB
3 prodmp.ru
prodmp.ru — Cisco Umbrella Rank: 46144
489 B
3 leokross.com
leokross.com — Cisco Umbrella Rank: 174612
24 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
845 B
2 dprof.site
dprof.site — Cisco Umbrella Rank: 131327
1 KB
2 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2627
996 B
2 servestatic.net
img.servestatic.net — Cisco Umbrella Rank: 100575
46 KB
2 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1541
591 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 738
885 B
2 yabidos.com
pixel.yabidos.com — Cisco Umbrella Rank: 6694
2 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
1 KB
2 adcell.com
t.adcell.com — Cisco Umbrella Rank: 43637
635 B
2 adriver.ru
ad.adriver.ru — Cisco Umbrella Rank: 24531
1 KB
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 25947
380 B
2 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 37547
1 KB
2 openfpcdn.io
openfpcdn.io — Cisco Umbrella Rank: 41203
846 B
2 zmctrack.net
s.zmctrack.net — Cisco Umbrella Rank: 152241
24 KB
2 utarget.ru
utarget.ru — Cisco Umbrella Rank: 76109
51 KB
2 i.ua
r.i.ua — Cisco Umbrella Rank: 174813
i.i.ua — Cisco Umbrella Rank: 461716
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
83 KB
2 5h3oyhv838.com
5h3oyhv838.com
64 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 5658
410 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
814 B
1 adghndou0sdh.ru
adsbid-buyout.adghndou0sdh.ru — Cisco Umbrella Rank: 251656
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3869
611 B
1 sniperlog.ru
sync3.sniperlog.ru — Cisco Umbrella Rank: 37090
516 B
1 glotgrx.com
pre.glotgrx.com — Cisco Umbrella Rank: 6448
304 B
1 gemius.pl
googlecm.hit.gemius.pl — Cisco Umbrella Rank: 8640
335 B
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 3397
375 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 890
324 B
1 bsmartdata.com
rtbnote.bsmartdata.com — Cisco Umbrella Rank: 965112
120 B
1 juui.de
www.juui.de
93 KB
1 bsmartad.net
ad.bsmartad.net — Cisco Umbrella Rank: 539211
982 B
1 solutionslabkit.com
eu-node2.solutionslabkit.com — Cisco Umbrella Rank: 725883
210 B
1 eskimi.com
dsp-trk.eskimi.com — Cisco Umbrella Rank: 41518
256 B
1 recreativ.ru
recreativ.ru — Cisco Umbrella Rank: 55749
110 B
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 6679
351 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 474066
170 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
646 B
1 pxksnymto.ru
pxksnymto.ru — Cisco Umbrella Rank: 92382
48 KB
1 pbkqidejmes.ru
pbkqidejmes.ru
48 KB
1 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 592
64 KB
1 ill.in.ua
kor.ill.in.ua — Cisco Umbrella Rank: 346462
15 KB
1 codesbro.com
codesbro.com — Cisco Umbrella Rank: 205782
15 KB
676 100
Domain Requested by
42 newsyou.info newsyou.info
pagead2.googlesyndication.com
37 a4p.adpartner.pro newsyou.info
a4p.adpartner.pro
32 pwkvdk.com newsyou.info
pwkvdk.com
30 assets.ad4m.at as.ad4m.at
29 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
newsyou.info
25 cm.g.doubleclick.net 1 redirects googleads.g.doubleclick.net
newsyou.info
25 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
25 fonts.gstatic.com fonts.googleapis.com
22 pagead2.googlesyndication.com newsyou.info
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
20 ad4m.at as.ad4m.at
ad4m.at
20 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
17 fonts.googleapis.com newsyou.info
video.ridus.ru
client
googleads.g.doubleclick.net
cdnjs.cloudflare.com
5h3oyhv838.com
15 s-img.mgid.com newsyou.info
14 static.criteo.net ads.eu.criteo.com
14 pix.eu.criteo.net googleads.g.doubleclick.net
ads.eu.criteo.com
13 ads.betweendigital.com 5 redirects newsyou.info
srcdoc
13 m.mixadvert.com newsyou.info
m.mixadvert.com
13 video.ridus.ru newsyou.info
video.ridus.ru
12 fcgi5.gnezdo.ru news.2xclick.ru
newsyou.info
11 i.mixadvert.com newsyou.info
m.mixadvert.com
11 jsc.mgid.com newsyou.info
jsc.mgid.com
10 www.lead-alliance.net 10 redirects
10 www.telefonica-partner.de 10 redirects
9 www.googletagservices.com googleads.g.doubleclick.net
9 zn3.2xclick.ru newsyou.info
8 x.bidswitch.net 8 redirects
8 data.24smi.net jsn.24smi.net
8 jsn.24smi.net newsyou.info
jsn.24smi.net
7 cms.quantserve.com 5 redirects googleads.g.doubleclick.net
7 sync.bumlam.com 7 redirects
6 guepslka.com newsyou.info
6 data.ad-score.com js.ad-score.com
6 telegram.im newsyou.info
telegram.im
5 servicer.mgid.com jsc.mgid.com
5 partner.blau.de as.ad4m.at
5 partner.o2online.de as.ad4m.at
5 image6.pubmatic.com 5 redirects
5 prod-rtb.ad4mat.net googleads.g.doubleclick.net
newsyou.info
5 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
5 mc.yandex.com 2 redirects newsyou.info
4 api.webgains.io analytics.webgains.io
4 cm.mgid.com jsc.mgid.com
4 track.webgains.com as.ad4m.at
4 dmpprof.com pbkqidejmes.ru
4 csm.eu.criteo.net ads.eu.criteo.com
4 static-de.ad4mat.net as.ad4m.at
4 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
newsyou.info
4 www.acint.net 4 redirects
4 dm.hybrid.ai newsyou.info
4 news.gnezdo.ru newsyou.info
news.2xclick.ru
4 img-light.com newsyou.info
4 www.google-analytics.com newsyou.info
www.google-analytics.com
a4p.adpartner.pro
www.googletagmanager.com
4 counter.yadro.ru 2 redirects newsyou.info
video.ridus.ru
4 cdnjs.cloudflare.com newsyou.info
ads.eu.criteo.com
3 pb.media01.eu as.ad4m.at
3 pv.medialead.de 3 redirects
3 rtb.openx.net googleads.g.doubleclick.net
3 d.agkn.com 3 redirects
3 www.tns-counter.ru 1 redirects srcdoc
3 sync3.adsniper.ru 3 redirects
3 fcgi4.gnezdo.ru newsyou.info
3 x01.aidata.io 2 redirects newsyou.info
3 match.new-programmatic.com newsyou.info
3 px.adhigh.net 2 redirects newsyou.info
3 s.uuidksinc.net 2 redirects newsyou.info
3 mixadvert.com newsyou.info
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 prodmp.ru pbkqidejmes.ru
3 leokross.com newsyou.info
leokross.com
2 an.yandex.ru 1 redirects
2 ad.360yield.com 1 redirects
2 eus.rubiconproject.com cache.betweendigital.com
eus.rubiconproject.com
2 analytics.webgains.io track.webgains.com
2 dprof.site pbkqidejmes.ru
2 cdn.mgid.com newsyou.info
2 inv-nets.admixer.net 1 redirects newsyou.info
2 adrta.com pix.adrta.com
2 img.servestatic.net newsyou.info
2 cat.fr.eu.criteo.com ads.eu.criteo.com
2 ag.innovid.com googleads.g.doubleclick.net
2 id.rlcdn.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 pixel.yabidos.com 1 redirects srcdoc
2 ap.lijit.com 2 redirects
2 sync.mathtag.com 2 redirects
2 t.adcell.com 1 redirects ad.bsmartad.net
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 cat.nl.eu.criteo.com googleads.g.doubleclick.net
2 js.ad-score.com srcdoc
js.ad-score.com
2 cache.betweendigital.com srcdoc
ads.betweendigital.com
2 q.adrta.com srcdoc
q.adrta.com
2 ad.adriver.ru 2 redirects
2 exchange.buzzoola.com 2 redirects
2 acint.net 2 redirects
2 ssp-rtb.sape.ru 2 redirects
2 openfpcdn.io pbkqidejmes.ru
2 s.zmctrack.net newsyou.info
2 utarget.ru newsyou.info
utarget.ru
2 mc.yandex.ru 1 redirects newsyou.info
2 connect.facebook.net newsyou.info
connect.facebook.net
2 5h3oyhv838.com newsyou.info
5h3oyhv838.com
1 t.adx.opera.com
1 onetag-sys.com cache.betweendigital.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 token.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 adsbid-buyout.adghndou0sdh.ru 5h3oyhv838.com
1 c.mgid.com jsc.mgid.com
1 server.cpmstar.com 1 redirects
1 sync3.sniperlog.ru newsyou.info
1 ipv6.adrta.com pix.adrta.com
1 pre.glotgrx.com srcdoc
1 pix.adrta.com q.adrta.com
1 googlecm.hit.gemius.pl 1 redirects
1 pixel.everesttech.net 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 rtbnote.bsmartdata.com ad.bsmartad.net
1 www.juui.de ad.bsmartad.net
1 ad.bsmartad.net srcdoc
1 lbs-eu1.ads.betweendigital.com srcdoc
1 eu-node2.solutionslabkit.com srcdoc
1 dsp-trk.eskimi.com newsyou.info
1 recreativ.ru newsyou.info
1 t.trafmag.com newsyou.info
1 file.adpartner.pro newsyou.info
1 www.googletagmanager.com video.ridus.ru
1 loadercdn.net newsyou.info
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pxksnymto.ru leokross.com
1 i.i.ua newsyou.info
1 r.i.ua 1 redirects
1 pbkqidejmes.ru 5h3oyhv838.com
1 platform.twitter.com newsyou.info
1 news.2xclick.ru newsyou.info
1 kor.ill.in.ua newsyou.info
1 codesbro.com newsyou.info
676 137
Subject Issuer Validity Valid
newsyou.info
AlphaSSL CA - SHA256 - G2		 2021-02-23 -
2022-03-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
ybz1jsblbv.com
R3		 2022-01-25 -
2022-04-25		 3 months crt.sh
pwkvdk.com
R3		 2022-01-10 -
2022-04-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-13 -
2022-10-12		 a year crt.sh
robotchecked.com
R3		 2022-01-26 -
2022-04-26		 3 months crt.sh
*.ill.in.ua
Sectigo RSA Domain Validation Secure Server CA		 2021-09-25 -
2022-09-25		 a year crt.sh
news.2xclick.ru
R3		 2022-01-23 -
2022-04-23		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
leokross.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
adpartner.pro
R3		 2022-01-10 -
2022-04-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-05 -
2022-02-03		 3 months crt.sh
pwrlkyotm.com
R3		 2022-01-19 -
2022-04-19		 3 months crt.sh
video.ridus.ru
R3		 2022-01-24 -
2022-04-24		 3 months crt.sh
telegram.im
R3		 2021-12-23 -
2022-03-23		 3 months crt.sh
m.mixadvert.com
R3		 2022-01-09 -
2022-04-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.utarget.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-06-09 -
2022-07-07		 a year crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-21 -
2022-04-25		 a year crt.sh
*.24smi.net
AlphaSSL CA - SHA256 - G2		 2021-01-02 -
2022-02-03		 a year crt.sh
prodmp.ru
R3		 2021-12-14 -
2022-03-14		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
openfpcdn.io
Amazon		 2021-11-11 -
2022-12-10		 a year crt.sh
loadercdn.net
R3		 2021-11-26 -
2022-02-24		 3 months crt.sh
fcgi5.gnezdo.ru
R3		 2022-01-08 -
2022-04-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
news.gnezdo.ru
R3		 2022-01-23 -
2022-04-23		 3 months crt.sh
zn3.2xclick.ru
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
i.mixadvert.com
R3		 2022-01-09 -
2022-04-09		 3 months crt.sh
mixadvert.com
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
uuidksinc.net
R3		 2022-01-14 -
2022-04-14		 3 months crt.sh
*.recreativ.ru
Thawte RSA CA 2018		 2021-08-23 -
2022-09-06		 a year crt.sh
*.eskimi.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-04-12 -
2022-05-13		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
new-programmatic.com
R3		 2022-01-21 -
2022-04-21		 3 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.solutionslabkit.com
Go Daddy Secure Certificate Authority - G2		 2021-04-08 -
2022-04-08		 a year crt.sh
*.adrta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-10 -
2022-06-10		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-24 -
2023-02-24		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2021-09-02 -
2022-10-04		 a year crt.sh
ad.bsmartad.net
R3		 2021-11-29 -
2022-02-27		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-25		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-06		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-10		 3 months crt.sh
rtbnote.bsmartdata.com
R3		 2021-12-05 -
2022-03-05		 3 months crt.sh
adcell.com
Certum Domain Validation CA SHA2		 2021-09-20 -
2022-09-20		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-04		 3 months crt.sh
dmpprof.com
R3		 2022-01-22 -
2022-04-22		 3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
guepslka.com
R3		 2021-11-09 -
2022-02-07		 3 months crt.sh
adsbid-buyout.adsbid.ru
R3		 2022-01-19 -
2022-04-19		 3 months crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018		 2021-12-10 -
2022-12-31		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-14 -
2022-06-10		 a year crt.sh

This page contains 81 frames:

Primary Page: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Frame ID: 598275CB4A939501E1A55E254948DA59
Requests: 278 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5AD7A3B0A2F2A65DBE829916169A8431
Requests: 1 HTTP requests in this frame

Frame: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Frame ID: 1ED3BFAB4CB3DD7EB57127E2FEAAB874
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/zrt_lookup.html
Frame ID: 906938774848840120F67088F9ABEC96
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: E3816106F6F1CCD0BE4A9D3EC7C73E6E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&referer=undefined&
Frame ID: F3CF1383C528735D13E7E3415A99A76A
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=610&screen_width=1600&reload_count=0&banner_num=1643297543174424053&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Frame ID: 2DA56F170AD4732B02C33A0978CCFC24
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/vunit/ls?vunit=7459&bannerNum=18598623110562372&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Frame ID: 47E62F1409330A987A5B986FFC506880
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Frame ID: 3264260AF849964AA7A58D3A256510F6
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=610&screen_width=1600&reload_count=0&banner_num=1643297543206800085&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Frame ID: 676720E26EB03D8E52D0538C78B1C49B
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7760&unit_id=7880&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=300&screen_width=1600&reload_count=0&banner_num=1643297543213313552&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Frame ID: FC92D4019B58EA42F2AB06F81B5321FB
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7883&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=300&screen_width=1600&reload_count=0&banner_num=1643297543234041153&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Frame ID: E9844CEE9C7E4B18658F02384B4707D4
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=5687&unit_id=6566&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=300&screen_width=1600&reload_count=0&banner_num=1643297543233919429&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Frame ID: 82386105316FB499830F29B898094B75
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&adk=1812271804&adf=1573534164&lmt=1643297543&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543207&bpp=3&bdt=737&idt=564&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3153388284000&frm=20&pv=2&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=582
Frame ID: 7233632171468F5DE5CAB55BC700FB30
Requests: 1 HTTP requests in this frame

Frame: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Frame ID: 27050900FBE1EC45180C70A1889FCAB9
Requests: 11 HTTP requests in this frame

Frame: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Frame ID: 588BA9D3C37654CA9EC9250A7CC52602
Requests: 8 HTTP requests in this frame

Frame: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center2.php
Frame ID: D3675FEF9972837F46CD09BCB276C0EA
Requests: 8 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: D4F93E24DF704715CDE2EC0D746273D9
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Frame ID: BA7A365A610C0151A94FAA8E6FE26020
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Frame ID: F38E785F19CCF1B8FE701A9E675F4AC1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Frame ID: DB66918A906C07F1AD71DEB578E35A4D
Requests: 8 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: F68A262F905C7167B317CF2428169DA4
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Frame ID: 51703C84400D555616ADAC112545F003
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1643297544&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1589&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=3390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=lWmNVgJi3G&p=https%3A//newsyou.info&dtd=1599
Frame ID: 824BE83CFF30D0F7B19C92F17B912C43
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/load?randsalt=87202&context=AAAAAEAjSFthdgACaQAvAsUUTWjbVtj66pkQggdhGyGXiR1Cu1Xye9LTk1-LcZ3GnZM09cBuwnIx-nmqVcuSkaU6zSmMXcagFEoPOw123HFsl7JTGeyyscN-GNtxO-bQQ0477cm2SEtb2p76PfF97_vjfb-Clm27rudxS9EshhVi6UyxiGcomCFLd2ynShgCfPf4_pdL3_7z28NfeyV_OCoU4FOpnySj8YVKJeST8e0oVf3Qiyr7zd3Gx9c7rdbmlrLd7iqdbuOqcq29295S9neb-xuCdprdTWV3c6PZhgKsYKarmqliouoU_pV2okM_CKyKoSL57J4futFkLF_ryhip6KIsBJRclA8oOSc3RqOA73F7208qhm4Kd_nsdqu7c_W8HPgDLn_InUF0Tr7cj6MhrzBTRSqhTFNNLHcsz4r9uRcsEoI0IydLVEMEm1AmiBERHPxZhJMzItJVAIFFxI_nK_jlmN_qjftWzDPthc3GOtbOT7GC5zTndShkkGF4a55cDyNYpEjXKBQ3mvDeldgKB14aJ7I1lHcsP4RiqwnLWNWoIQ6GosuhPHcGwLDYTvo8zkkJExNW17t7ik5MkyjMYCL0df_w0Al8ZyBPuA3lW-ogFTWaxlLSCIFVgRR77MS9KqIMZMH2uOnqBtWZSymClblBD-tmFUqXP9qB8s009VURTOl6ZwOyrMRZCqN4aAXi9tVfAP99d3JmrgCQQJpmPuWn39KsN1BkpuCAzNSZRZLPFk-VMHK5po6jIE38KBwHlj3wE9WJhpV6UhvFk7VB7YlQH0ov6Tya1MI0DtZGsVdDKl5Lana41rfG_ZrDTcMzKfIsm1Ij2wFMKGVVhChxXNGDwvPAf_DjjeP3j-o5bUQLf-gfJC_kc_93Vr558Pu9dy_98MXbwd90tf7ch14JHtVPSzsn0qlWiI7quUbKOpEJP1_ZqovLJ-tQkGAmmxlkFq9_a-8U82SkO8VsAp9KGlqOXq0yyzMVxFxDIR7nCsO2WEeiG0TMOSdVsU5UhwWNVNmzCrcQpAc4e-P7N37-KYPjulTWETrQDFT6uigdfXY4G-fCL29m3_RdKCznISxkey-o-IfMVHBa-WwDsm19rCsn9ZkRPDlg_wM=
Frame ID: 62EAFFF5EBFAA3AFE88710B50E4D61F5
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25228506b69c-4014-45e4-a5be-f76d0f847627%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5555%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fnewsyou.info%252FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO%2522%257D
Frame ID: AF47D555571A8353DCE2082DEA1E2531
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%228506b69c-4014-45e4-a5be-f76d0f847627%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2038647%2C%22cost%22%3A0.000299707%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225a451347-afbf-4e8c-b0a9-7cb5adb2825d%22%7D%2C%7B%22ad_id%22%3A2326865%2C%22cost%22%3A0.000252519%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%222606b897-f174-4669-9b26-8b11216adc44%22%7D%2C%7B%22ad_id%22%3A2078112%2C%22cost%22%3A0.000176578%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%221057ef74-341a-42aa-9afb-fb20b224a6f4%22%7D%5D%2C%22unit_id%22%3A7460%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO%22%7D
Frame ID: E1B9CC60EBF5A7C697548EF9AA031334
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%228506b69c-4014-45e4-a5be-f76d0f847627%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1965011%2C%22cost%22%3A0.000187298%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%226d53edcd-01ea-473f-ac57-d360764dc40a%22%7D%5D%2C%22unit_id%22%3A6566%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO%22%7D
Frame ID: D3A9C72F50743C69225E15A50D14800A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3378422422&pi=t.ma~as.6825749971&w=300&lmt=1643297545&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543218&bpp=1&bdt=748&idt=1774&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=WS9I9YxzGn&p=https%3A//newsyou.info&dtd=1794
Frame ID: 32CAB7CB0EB0A74718E5DA414D11049D
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%228506b69c-4014-45e4-a5be-f76d0f847627%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1692948%2C%22cost%22%3A0.000281633%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2238cb9f4a-b40c-41b9-948b-b7da72e1a54d%22%7D%5D%2C%22unit_id%22%3A7880%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO%22%7D
Frame ID: 32FD8F13E6435B21ACE5BAB359339FC9
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%228506b69c-4014-45e4-a5be-f76d0f847627%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.001795671827877%2C%22dsp_id%22%3A47%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2235d0f09d-769d-44fd-a2b2-1269929cb508%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO%22%7D
Frame ID: 0AA0707C7A2F592D09F41134D24AC9FC
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%228506b69c-4014-45e4-a5be-f76d0f847627%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2325246%2C%22cost%22%3A0.000138658%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2275834380-9c77-4cb3-afde-8513726b6a56%22%7D%2C%7B%22ad_id%22%3A1520600%2C%22cost%22%3A0.0000903413%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%221f3ade06-0204-427f-a103-ce2e71b43c3a%22%7D%5D%2C%22unit_id%22%3A7883%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO%22%7D
Frame ID: C322DA74D50484B64BAC88E18752BDB7
Requests: 1 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: F8AFE5C833B7BD8D24AED9C7565E9177
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5043674373&adk=2859039&adf=3787344686&pi=t.ma~as.5043674373&w=336&lmt=1643297545&psa=0&format=336x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2004&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3234&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=46xgQ1pGKR&p=https%3A//newsyou.info&dtd=2009
Frame ID: B410993B3358CEFF38DF489F1AD1DF62
Requests: 7 HTTP requests in this frame

Frame: https://eu-node2.solutionslabkit.com/?tpw=i&spr=0.1&dp=244-0172510d1c73289b614782868ac71c19&t=bn&hash=ce75f760fab665bc841466980064cd61
Frame ID: 4C7A5AFD6C57ED58ED73B3389F35ECDB
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1
Frame ID: A1272916231A4E4826E3421D9A6192DB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=3366303577&adk=4264282029&adf=1531042278&pi=t.ma~as.3366303577&w=300&lmt=1643297545&psa=0&format=300x280&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2217&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600%2C336x300%2C1005x124&nras=2&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=12&uci=a!c&fsb=1&xpc=PqLnFXzueD&p=https%3A//newsyou.info&dtd=2221
Frame ID: BFB54AA349AFA37B3ADAA33A34B26D1C
Requests: 1 HTTP requests in this frame

Frame: https://ad.bsmartad.net/adframe.php?zoneid=11796&bannerid=8069&gdpr=0&gdpr_consent=&consent=1&ref=eyJ1YSI6Ijg4NjYzMDgyNTJkNjNmOWJmNzRiNzRlNjA2ODk2MTQ4IiwiYmlkIjoiYnNkXzZfMjVfMzYwNjFmMmJiMDg1ZjkyZCIsInNzcCI6ImJpenpjbGljayIsInNzcGlkIjoiMjUiLCJyZWZlcmVyIjoibmV3c3lvdS5pbmZvIiwiY291bnRyeSI6IkRFVSIsInB1YmlkIjoiNDQwMjUiLCJpcCI6IjE5My4yNy4xNC4wIiwidGltZSI6MTY0MzI5NzU0NH0%3D
Frame ID: BDCABFCA5264622EBF3E6551ACEF3BAA
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jkxcbdmd854w42er26z73ph0q06egarz00sefpbd2v630gbqjm2xzbdwxaj61syr0afgfvm7yr25p4zed4bx4a8ntajz9m7d8htdre8m34j5y8zw6ebe49gprdn8dhegv0032wwgbcw9fwpb77bk3pzf0jvg3hmsbd4kedpy1tfndjagq99ya4qadws6v1a8vf9pt364vqzzbqx6g8pz668f0rbcmgcvq62ftsajk5sqbxeze2ykqvhmran7g1jw272x2arajhzd7xeyq2ahybbk3622gesxw4gswkb7stn029wpctfnax8505hp4hsjm7nwh2fkkrr2a3dhhegv08hqdwk0mcyta7z7bhxpy23zrrsv7nx5bz6prw28a4mr8pg85v4ccq80fgpfyz823qgg2s86756d0dsbn79t6ry93vfx22n3v1x8ntv3nt3qj20&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: A2E7F32E4E8406524790331C2221BAD6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8FBA5F0A23CA64A9C637C411229CFA70
Requests: 9 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: B1BC0A2C6ADA1615251F75A5956E02C3
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k9ac6tfhw3caf1tjr1evjswa4g9z3m9a6e60841npp5hsdy1763v5sjkdchf4j5b5dte07vzhcrf2pray6dksbp028jqemnjf77wxbpg9rze75htpnrz7cjdqpjdwszncsfcnc32sbdw7dbwj1zg8jp5xd45emj8bdedyy7yy7az5kbtdp3zrbqt8a323xt0t5sx2w34h4a16bccdgcf2nzcznked5sra4dxag8f69dwx61rah1sthtj881kfkryzr9hj58mdzpgtdsdzext5896qc7bx9n1xg22fzq8qp13ym7wxk84myk3mnfyt9e3d84y1g4k9emmwbmgjnmcyz6z2x56nsggfwr3kgwd3031035pm8apkw50r0wsav7yj2xh5jswywx0xgzvx8rygvvwbsmnbp56dtc18xbcezf9b951tnhzhq22pb32kzth8pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: AE075F69B265CB89029321F3624118AE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1AE08576F860910CEE63B9A75C759D73
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0103CD8C20B2EF46B0E2C37B5EE2D6D6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0E2ABFC50379D06427B72F8ADB379174
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CijktCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE2QFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyKH4JRBklCZsll013W2VBBHXpcdkBw4zTkg2SZ65ZsR-yrqbTtoDgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=KxqCjq7ASgA&uach_m=[UACH]&cid=CAQSOwCNIrLMwu9i5Dh9QBfDYK9Hg1lwiqFolYaPVQip_4KtYK_imexSUE1YNA399d86AIDQ__T1X2XeKlIqGAE
Frame ID: 4D485039DA22E988DA2D9F31FF3E4790
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jfrgvsw1xzhngfhcvfvgs5fkqsw54hxct4fkc012envfhqt6v4g8s5rer20hqs9tkpcgax9rq0gp4bbmyw0ht87934bvc2qg3h00afgdde9f4qpvznd4tvwyxq23334cwcfaa26ezdsk1t2xw42v4k0m4nj6snc62pn37x8asjwqbhz8jzyds2714rsxgccm49c0d2snefc4tv9fgqshbnaepxse8n95q9whsadtk2c92cxhzrde7hbkmn9bxwgjf8yy1kfsbyf64bdb9szjzd6zxx85z7pypad9gq7vtf7k3h4nv4j3x5bkn0kre75qq1eq1dr99v27ycct36pm200wcjzhx94z2s3491wdhw8hz51tt5b3g9yykhszp9s5js0swrb0efbxby575pyx01p7ypqr4k023z347pv6r1s2txw869dr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: 891D637DC04866D740928C0A267C456C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 497A4A2B7B49162CCF614F4CAF4EAA76
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g8jzgdkg7cabxb17wafdtxzmjqvhb5ng57xzpns5gwxbhfbt95sy8vzbnss6mntwnvtyw6dwdyrkbwkq5x4r71wht0nagm8yyx4ej9fypv641eb9ydg8gerge6vfxhteb71dqw29539py86519v3smx1kgjg1zagnbdy84a3qcf2db9dxf7m9hmq07q054yb00xmrqxrtnrdhjnd0kchpp45saj9jz9xr7tv0kepqrxn9fyp0hqcnvbfc03y64wj685dwnwct97yck0tgskvwgx0619gt3zd7bnh3j1ebyfy6jmfafwkac26d9qn3dyn317zz9xzwmmp7kdh51w2sq8qxkqhk0q81rs8nzegafbf6bjmj3v2bdmk0vh4r6fjm6yztjzvskgx3fxave8a40rg3dzhzzxrmn9667tdybxvkjm6c7afqxw1j3vc4dpxjpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: DD16E0F40D732A55383F1DC108152E43
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Frame ID: 7A2C93502B5C0D724301C4894B62C0FA
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 362763074BA61D72349A66D9F9BF6227
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CF2AE279AA449C9A79B0178EFD361713
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0948E2B05A1454A3731B7A3643F2C0E1
Requests: 3 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: D2ACA61C261FA50D10D01F2FD31859A3
Requests: 21 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: 05A2BDE744155315994D547FEF6A6179
Requests: 2 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e0d259f7-d705-511b-a212-861bc3e03d12&CACHEBUSTER=713126
Frame ID: 0D682F99AE77062BFD0AE0AED478C0BC
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: 34D587CFF4DE9C8E361BE997FD5C457B
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 30465527D388BD2ACB8278406302DEFE
Requests: 3 HTTP requests in this frame

Frame: https://t.adcell.com/p/view?promoId=237769&slotId=77305&pv=1&subId=brdkxzaahxktakmswxhuaaapanmwnmn
Frame ID: 11F2BB194AB2347E3F8D24AE51BBF471
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C1i0uCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOQBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKSu-NYNJlMye1qjTqFbu1bbFC104zyISPyL9X6O56JhjyIwdA0Q1gAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=4SZuObaCmVc&uach_m=[UACH]&cid=CAQSOwCNIrLM_l8ta5JLMk7mdCvw3iEFFKtTNO97mFVIEVwYn6U1AEbdMmuxyNNoXsSSWb9qIY7qC4oD1uQnGAE
Frame ID: CFAAA053BEE6A545A4CB7EF80B0D7BE0
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h6kamkccfyxw7hac41av5cdjdyasy2vd9q5whb57yaf8bqqmkhr6tv8h7g6jnv3brks51sp6yf2ascnty6s0gv2fw701p53eyrp7044a1y0p9ja2gdtbnwjgmf3q8fprgpsfavxy16zyztsg0htxkc403xx3es1xvzdspm1dtwh212pwhbjm22sm5j2wpsw9b0srzm0g75gcfn9rz6ng7ef49h0673mxyatj4jfb95zqwcam1snz945ee2k1f7rx5e6ng0m60hrnhjyatsjr9g6r0yd7qx5bf8zvyt3xhfq78dvvsktgwxtf9zpp5zsckhj9b91nas8k9qgbngdp5zvc6wrct9kbncdm30fp8tcgy24hjdy17kg7ran9qz9fej5cqdy154sf350y8wgyh6xkyr8eac7ek99jzf0w3jj52ygg0jw0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: 1D7658A3CA75851579D4653515B0E66B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 55C0D8A0F61646F002987F9967ED7F7E
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5FAFAF8A293B75AB9EB3DA1BEFA5DF9C
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000787
Frame ID: 7547A2F9A0CD37C98EC0BA77DFA5E159
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1C975F219AF71C1644C15FB096994452
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C6F043FE74226191C297847504BACB2C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5066E2B7F3A86CD355E95117112E670B
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2081D7E02293181C8A6663A36BAD7739
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 083C47B25A4239FBDE8CA875F66D086E
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C157265%2C37798&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9%2CAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2C1r2SbfKf6A9kC9HdH9tpC22rh2SKTMJHjXk%2CM13azfrfqgqsWHEHGtQC661tBS4T6KFzw1&c=300&d=250&e=dd7M2lmtBESmkONyO0cLVDlg-LLwmR3u&g=89ad0106e905aa377a8b6792ae647978%2F7577637538820841040&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547477&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq2xw2301c6b9j7xpj6tbr65f9sqzebgc6b0xkk7nh5xd20t4ymhpvpvbn6j3fzrseh8wtf21tqtdmw1kgsb6060rdqyvg2n4gcg825wkj9c2a2bkeb960pnsa231b259hpq2kqhftr7bsrbvj20shed38zk8jn209s9m8m5vqq032gya0pcd11nsy8cqcd55gxnwk9yaedcwf9ymkg8ph6q81t8smbb1w5ybngqtg9q7aja7nmqdvz1gbr7sty6qhg48map0e8grcksmqpktfp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: D5E42DB98D9EFB78F3877C2C4A223534
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C22925%2C166402&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYP%2CDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CXJjuzfrf9GXS6H4Het1CBBKCQSkTK2tKP4%2CdqAtEfkfpY4VUEHjHwtqCbb1aeS4TWeTXPd&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=90f26ad436358285c0ff2ee6b7510072%2F2290826803877213385&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547479&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4rvqedtm537dryyc3rkhxyqvp7eee72y5nq54s4d09amb4e4pmr6fzggjxgmwtkn2pqpfkkt341jr0zzrdmsjt5gnbzvr8gc7zp2nt4jy1m13fp4v605xmzd3a473m24757brtj9w6wh2h0wqavsa0120pxceeqgnjzkzbhp3bs1gmgvxfdg86khsgnwdm9m9mdnmptx252245589t1j03r2e4080wja5cqw4hag0gr06hz4f857dkx2kga5zeqtrsrvrqjhshvvdnb0k5gbp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: 77881880A37EEA7344154C37085088C0
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: A7838512B29633B8BCB92E4F747E4256
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C19483%2C167497&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5M%2CDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2Ck7pH5f3fWpxT4HwHetmCVVWfZSjTrxtqYb%2CdqAtEfkfpYZjSEHjHwtqCbb1aeS4TWeTXPd&c=160&d=600&e=wFg1TKgdUyDNmyb4MeGa-6UnZHcCea7j&g=4904e8c6482ea07a38392da15d113669%2F12172818134907883766&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547484&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsfygtxq6533k6xcz02djc31zbkd6qvn89mnj3afyz668bwkngn99vwgbakcf7ynm72hf41f1kxcfnkh0mhatxfd5g257f8rwz84n9rzcj7ky5w3p8xznc6ayxw708chpxgnwn735jsa69x188ssgv1f0mg1msem8k46x91g9e7hr73z5pcqezybqcdverysejp7tettbg67kd5dcdvmvyhwab6xr02g8z4y41fkjn5ezcet058z2rxnqdc0t3gkn27aw17kcfmay6bgv60teze%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: 6D99576EC893527D425387F4F1B33C4E
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: 04B262923B749DDF61213E877F283096
Requests: 14 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=164329754822497491482
Frame ID: 186EEF7612BC138051241782D53F0DC0
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1643297548288823901226
Frame ID: EF052A323E8CBC5B7B86833CC8E3AEF9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 6FCECE91EB04634652B6CA057C9249B2
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4FA0B84008C7D4A397673893BEFEB964
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A1538681DD2610DF0D4E3B8AE23D826F
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: A94D50C306F623304E49E9194FD32692
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&session_pageview=2&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&referer=undefined&
Frame ID: 64D8403DE639EB4B2D71DCEB507F2DD1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новости Ю

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

676
Requests

90 %
HTTPS

26 %
IPv6

100
Domains

137
Subdomains

104
IPs

13
Countries

12906 kB
Transfer

19246 kB
Size

129
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO;0.43146069365764683 HTTP 302
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO;0.43146069365764683
Request Chain 72
  • https://r.i.ua/s?u224079&p264&n0.1330652451423926&c1&d24&w1600&h1200&rnewsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO HTTP 302
  • https://i.i.ua/r/3_3_1.png
Request Chain 122
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1643297543&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543210&bpp=2&bdt=740&idt=697&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=q5AHrvoLop&p=https%3A//newsyou.info&dtd=702 HTTP 302
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Request Chain 125
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9531.CtFRba5MtPCROdN7T26L8C511TbR2vMFwm-xtCxZHd75E79PKCUHhs1nhyOT3hcZ.Rd2lE-f2VhrX7-N1OZEwuxBLCmI%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9531.LBEMfywGdUoe32zNTvn_5hR4UqDZfsXXAVB9vBaR2FxeaGnp8H0DlsSfhXgRZsdSfb3DHLMxQSM1Ve7EINn-bw%2C%2C.s1vEAsB0vc7dmZqm7V9BR7aR1Rg%2C
Request Chain 126
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=1263093664&adf=1828759177&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543212&bpp=2&bdt=741&idt=786&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=31zNKYDvn8&p=https%3A//newsyou.info&dtd=799 HTTP 302
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Request Chain 132
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=1263093664&adf=1544427955&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=744&idt=941&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2007&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XfMLp8aSRO&p=https%3A//newsyou.info&dtd=945 HTTP 302
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center2.php
Request Chain 198
  • https://mc.yandex.com/watch/44453875?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A269838970862%3Ahid%3A828350136%3Az%3A0%3Ai%3A20220127153223%3Aet%3A1643297544%3Ac%3A1%3Arn%3A165856741%3Arqn%3A1%3Au%3A1643297544208227818%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643297541492%3Ads%3A0%2C189%2C657%2C2%2C0%2C0%2C%2C676%2C5%2C%2C%2C%2C1654%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643297545%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A269838970862%3Ahid%3A828350136%3Az%3A0%3Ai%3A20220127153223%3Aet%3A1643297544%3Ac%3A1%3Arn%3A165856741%3Arqn%3A1%3Au%3A1643297544208227818%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643297541492%3Ads%3A0%2C189%2C657%2C2%2C0%2C0%2C%2C676%2C5%2C%2C%2C%2C1654%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643297545%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 223
  • https://px.adhigh.net/p/cm/adpdigital HTTP 302
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
Request Chain 226
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F09BBF2612500737002424F1A&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F09BBF261BC083D150217A4F9
Request Chain 227
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F09BBF2612400B76F02421D4D&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F09BBF261BC083D150217A4F9
Request Chain 228
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=e0d259f7-d705-511b-a212-861bc3e03d12
Request Chain 229
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=e0d259f7-d705-511b-a212-861bc3e03d12
Request Chain 230
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9f98065b-f45c-459e-7830-bf23e91a40b1
Request Chain 231
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=a23b8b70-09ac-4700-77fd-b2aa76fcfc6b
Request Chain 247
  • https://counter.yadro.ru/hit?rhttps%3A//newsyou.info/;s1600*1200*24;uhttps%3A//video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63;h%u041C%u043E%u0436%u043D%u043E%20%u0441%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u0431%u0435%u0441%u043A%u043E%u043D%u0435%u0447%u043D%u043E%3A%20%u043D%u0430%20%u0432%u0438%u0434%u0435%u043E%20%u043F%u043E%u043F%u0430%u043B%20%u0441%u0430%u043C%u044B%u0439%20%u043E%u0447%u0430%u0440%u043E%u0432%u0430%u0442%u0435%u043B%u044C%u043D%u044B%u0439%20%u0432%20%u043C%u0438%u0440%u0435%20%u0437%u0435%u0432%u043E%u043A;0.2178213180446944 HTTP 302
  • https://counter.yadro.ru/hit?q;rhttps%3A//newsyou.info/;s1600*1200*24;uhttps%3A//video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63;h%u041C%u043E%u0436%u043D%u043E%20%u0441%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u0431%u0435%u0441%u043A%u043E%u043D%u0435%u0447%u043D%u043E%3A%20%u043D%u0430%20%u0432%u0438%u0434%u0435%u043E%20%u043F%u043E%u043F%u0430%u043B%20%u0441%u0430%u043C%u044B%u0439%20%u043E%u0447%u0430%u0440%u043E%u0432%u0430%u0442%u0435%u043B%u044C%u043D%u044B%u0439%20%u0432%20%u043C%u0438%u0440%u0435%20%u0437%u0435%u0432%u043E%u043A;0.2178213180446944
Request Chain 272
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HyuwhA8ysymCEEAg== HTTP 302
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HyuwhA8ysymCEEAg==&bounce=1
Request Chain 275
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2HyuwhA8ysymCEEAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/1z6ABIIBJV7zAEHTlhRT
Request Chain 276
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2HyuwhA8ysymCEEAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/1z6ABIIBJV7zAEHTlhRT
Request Chain 277
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HyuwhA8ysymCEEAg== HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HyuwhA8ysymCEEAg==&tuid=-5928723748 HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AEqSh_g8Ap-E6CconqswqzA
Request Chain 385
  • https://t.adcell.com/p/image?promoId=237205&slotId=77305&subId=brdkxzaahxktakmswxhuaaapanmwnmn HTTP 302
  • https://www.juui.de/sites/default/files/juui_banner_300_250_sale.png
Request Chain 389
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D9c4433cc-c82f-4416-9bab-dec64166040d&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=922f61f2-bb0a-4200-bb27-77e84cf59b91&expires=30&ssp=between&bsw_param=9c4433cc-c82f-4416-9bab-dec64166040d&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d
Request Chain 390
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=eQNw1Kvbgk8.AikABlF-nCqbTQ
Request Chain 391
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=bfba14a6e18c61d8fc7f5729
Request Chain 392
  • https://sync.bumlam.com/?src=bw1&uid=e0d259f7-d705-511b-a212-861bc3e03d12 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiK9sqPBlIFvp7KygpiJGUwZDI1OWY3LWQ3MDUtNTExYi1hMjEyLTg2MWJjM2UwM2QxMg** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiK9sqPBlIFvp7KygpiJGUwZDI1OWY3LWQ3MDUtNTExYi1hMjEyLTg2MWJjM2UwM2QxMqIBEFT3jVp_hhHspukAJZDIJDc* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABiK9sqPBmIkZTBkMjU5ZjctZDcwNS01MTFiLWEyMTItODYxYmMzZTAzZDEyogEQVPeNWn-GEeym6QAlkMgkNw** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARiK9sqPBmIkZTBkMjU5ZjctZDcwNS01MTFiLWEyMTItODYxYmMzZTAzZDEyogEQVPeNWn-GEeym6QAlkMgkNw** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=54f78d5a-7f86-11ec-a6e9-002590c82437
Request Chain 393
  • https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=newsyou.info&x=&nci=&adtg=HB&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
  • https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=newsyou.info&x=&nci=&adtg=HB&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Request Chain 394
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/63323940 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/63323940
Request Chain 419
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEG8P2ndqe5vFdQCMl8AbKrQ&google_cver=1&google_push=AYg5qPKyh3s3LCRyuFH28v0m3UWlrA9fj6HiAufI67Ed8KkjYC9XDUTQgxOGBsQfVO-2iSMHswx4DCCLuFDuZ5gh7VGQXDDDDHw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKyh3s3LCRyuFH28v0m3UWlrA9fj6HiAufI67Ed8KkjYC9XDUTQgxOGBsQfVO-2iSMHswx4DCCLuFDuZ5gh7VGQXDDDDHw&google_hm=Q0FFU0VHOFAybmRxZTV2RmRRQ01sOEFiS3JR
Request Chain 422
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENr4PzXr4QkyqGPcjmzIn60&google_cver=1&google_push=AYg5qPJ-hRNsGYa8rNjwwjsKVYOszFM3orau3apoXr8CBOrb_3UjBx6yi4YYx5uODHnegf153EjUAOJlJFk6lQbSaF-jRQ3P-Jk HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENr4PzXr4QkyqGPcjmzIn60&google_cver=1&google_push=AYg5qPJ-hRNsGYa8rNjwwjsKVYOszFM3orau3apoXr8CBOrb_3UjBx6yi4YYx5uODHnegf153EjUAOJlJFk6lQbSaF-jRQ3P-Jk&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKMYWPlRSxu4hjeEKy3ENg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ-hRNsGYa8rNjwwjsKVYOszFM3orau3apoXr8CBOrb_3UjBx6yi4YYx5uODHnegf153EjUAOJlJFk6lQbSaF-jRQ3P-Jk
Request Chain 423
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP5xXejN11HbX0Wc3FZwx3o&google_cver=1&google_push=AYg5qPJKt-lLTOorMVGqNMfc665tTeuYhCdraRQ9FgO2CGbAReGv6QGbUbHXoL7ULq-uCeZVn4hWp8bipoBvvWTN0IuH8xFEd2E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYNFhIUkQtMjYtSklFWA==&google_push=AYg5qPJKt-lLTOorMVGqNMfc665tTeuYhCdraRQ9FgO2CGbAReGv6QGbUbHXoL7ULq-uCeZVn4hWp8bipoBvvWTN0IuH8xFEd2E
Request Chain 424
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1
Request Chain 427
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLOuN7L7PYR0ssbjNSwX1LKY7xYHm2WGPr1d_FsjwwL_SXZ1P1zXblYL0dkO-xv3kcKx0ZF5NgTTjtUfC1fpV0Zm-h8PQI&google_gid=CAESEFWE_dO9MxhvCLJrbvYwSvs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZLN0NnQUFCQzU3VHhEOA&google_push=AYg5qPLOuN7L7PYR0ssbjNSwX1LKY7xYHm2WGPr1d_FsjwwL_SXZ1P1zXblYL0dkO-xv3kcKx0ZF5NgTTjtUfC1fpV0Zm-h8PQI
Request Chain 428
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEG8P2ndqe5vFdQCMl8AbKrQ&google_cver=1&google_push=AYg5qPLTDWTZyIXBNW98Bu_6f7aSMFsn2BfB4otl5IhB6o75IgkyhptAQwDKW3ETIY8nYk9aJWuwHmukqGe8hx7XYE_jlWLn7q0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLTDWTZyIXBNW98Bu_6f7aSMFsn2BfB4otl5IhB6o75IgkyhptAQwDKW3ETIY8nYk9aJWuwHmukqGe8hx7XYE_jlWLn7q0&google_hm=Q0FFU0VHOFAybmRxZTV2RmRRQ01sOEFiS3JR
Request Chain 429
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPI1r8JblkrfRUtGFIhLEcF12F9Y4hHKoZMbPPEF8PFqVM1-lWR5Ajl-92Xrc2fk90NDG__TTaUx6c8DyxAv12CGXJsuEro&google_gid=CAESEPd6GVsLIIA2l5Ak5hL1gvk&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIr2yo8GEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBJMXI4SmJsa3JmUlV0R0ZJaExFY0YxMkY5WTRoSEtvWk1iUFBFRjhQRnFWTTEtbFdSNUFqbC05MlhyYzJmazkwTkRHX19UVGFVeDZjOER5eEF2MTJDR1hKc3VFcm8 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbGJRN081S0VWaFhRZWR5WmQ2MlhLanVpOHR5UVd6UHRqQkpXRTQ2ODZ4UQ==&google_push
Request Chain 431
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENr4PzXr4QkyqGPcjmzIn60&google_cver=1&google_push=AYg5qPKsutMtTK4xkY1PlWdYh9P7RVk8fP5crRhtDue8bKqt3HWdbblgTtIDmEramdvd2eH2gkcuj9wRSRpnZ2zJcrSV3ORxmwA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENr4PzXr4QkyqGPcjmzIn60&google_cver=1&google_push=AYg5qPKsutMtTK4xkY1PlWdYh9P7RVk8fP5crRhtDue8bKqt3HWdbblgTtIDmEramdvd2eH2gkcuj9wRSRpnZ2zJcrSV3ORxmwA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKMYWPlRSxu4hjeEKy3ENg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKsutMtTK4xkY1PlWdYh9P7RVk8fP5crRhtDue8bKqt3HWdbblgTtIDmEramdvd2eH2gkcuj9wRSRpnZ2zJcrSV3ORxmwA
Request Chain 433
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAmeU2UlAOJ-2AZTVMeMMoM&google_cver=1&google_push=AYg5qPKTicY4LE22R8AdrH62qRKrIcrBq1-4FkEU1v-vIKNARcb_s59g6TK6TEWd04uNFJX19ZuCW_NXma9GmUpaf2QU5FRcFaA- HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKTicY4LE22R8AdrH62qRKrIcrBq1-4FkEU1v-vIKNARcb_s59g6TK6TEWd04uNFJX19ZuCW_NXma9GmUpaf2QU5FRcFaA-&google_hm=
Request Chain 441
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKp3_odNYh1kwGaCAt-22SI&google_cver=1&google_push=AYg5qPL24XbX3UbvcQ7t45drZ-0cVoPC_dDKV7K5AnYQ6Om8gYFH5RrBm6gTGAf8LVS7Uvr-V_y2P4iPB-DvEHMGliwh_9aYLpQy HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL24XbX3UbvcQ7t45drZ-0cVoPC_dDKV7K5AnYQ6Om8gYFH5RrBm6gTGAf8LVS7Uvr-V_y2P4iPB-DvEHMGliwh_9aYLpQy&google_hm=DoNHjOtodanECqI026dtAQ
Request Chain 442
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEFlZ7FO4OPz-16Ok4T8qECc&google_cver=1&google_push=AYg5qPJhy5Xs0oSd_qROAM_LaCMWGXSpW_f9HRReOGS9KS177UtvvxAxmy9ZW2pRQNu8yxW1L-X6paqB2z7-qvf9EvqjNgCBgvnq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJhy5Xs0oSd_qROAM_LaCMWGXSpW_f9HRReOGS9KS177UtvvxAxmy9ZW2pRQNu8yxW1L-X6paqB2z7-qvf9EvqjNgCBgvnq&google_hm=Q0FFU0VGbFo3Rk80T1B6LTE2T2s0VDhxRUNj
Request Chain 444
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHjsTysteTGUMTLuZMwO88I&google_cver=1&google_push=AYg5qPKve9j7JTi9COqWCErAqtkR-7gRtTe1rx60Yo_3i3i5f1pHdpNI5dPanvn7m5Oq-B1hpKIVxwir6n3wqWY9tuuhWuYUDx3_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKMYWPlRSxu4hjeEKy3ENg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKve9j7JTi9COqWCErAqtkR-7gRtTe1rx60Yo_3i3i5f1pHdpNI5dPanvn7m5Oq-B1hpKIVxwir6n3wqWY9tuuhWuYUDx3_
Request Chain 445
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJpdbe0hrlNoCiKCkdJCOXM&google_cver=1&google_push=AYg5qPIV3H0gslk1b-5WuMD9OzyIfEdo1LF9aJ5oRvx6KLSbrj1NP96aHQbYIX8E78ZdYOlIO_9zgkMnBoISz4rHAvAUytwP5Vet HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYNFhIVFItMTgtODNXSQ==&google_push=AYg5qPIV3H0gslk1b-5WuMD9OzyIfEdo1LF9aJ5oRvx6KLSbrj1NP96aHQbYIX8E78ZdYOlIO_9zgkMnBoISz4rHAvAUytwP5Vet
Request Chain 446
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya
Request Chain 449
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBVDsNem3y_d5rhB9UDxA1E&google_cver=1&google_push=AYg5qPJUBOpOXPTX_486HD0G43NXua98tS47um50aV7B2xnYV6uXGlSKMsYeQD9GCW5bFM20Z_FeK9YHUV22bUATqULQzVVZzD8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJUBOpOXPTX_486HD0G43NXua98tS47um50aV7B2xnYV6uXGlSKMsYeQD9GCW5bFM20Z_FeK9YHUV22bUATqULQzVVZzD8&google_hm=DoNHjOtodanECqI026dtAQ
Request Chain 451
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBVDsNem3y_d5rhB9UDxA1E&google_cver=1&google_push=AYg5qPL5drHqebIru185bXoIRr2eWng64BiUswNR1zN2BOZ_MBqCdbiTXkyzrF8dkXavacpV_RlBQEfbdWU8qMwltQnq6SoDFHLP4w HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL5drHqebIru185bXoIRr2eWng64BiUswNR1zN2BOZ_MBqCdbiTXkyzrF8dkXavacpV_RlBQEfbdWU8qMwltQnq6SoDFHLP4w&google_hm=DoNHjOtodanECqI026dtAQ
Request Chain 459
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 464
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 504
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D9c4433cc-c82f-4416-9bab-dec64166040d&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=922f61f2-bb0a-4200-bb27-77e84cf59b91&expires=30&ssp=between&bsw_param=9c4433cc-c82f-4416-9bab-dec64166040d&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d
Request Chain 505
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBVDsNem3y_d5rhB9UDxA1E&google_cver=1&google_push=AYg5qPINxIyVeQgRwZ_DZLBCgVz0jogzlxZbIdGh3-bWSFRUeakFNpKpnsw-ouY6YZbA2Bs5hlUQB73jsyAy9uOYcRKjKae5qtQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPINxIyVeQgRwZ_DZLBCgVz0jogzlxZbIdGh3-bWSFRUeakFNpKpnsw-ouY6YZbA2Bs5hlUQB73jsyAy9uOYcRKjKae5qtQ&google_hm=DoNHjOtodanECqI026dtAQ
Request Chain 509
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBVDsNem3y_d5rhB9UDxA1E&google_cver=1&google_push=AYg5qPK8YarL71T3PjTob_MW4PTaRk2k3wPdDhzctmsN39viy7sV0cnw7Edv5owaVmdEC58hbjlj6MNHb1mVbTUcOtVYlNOUXQOr HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK8YarL71T3PjTob_MW4PTaRk2k3wPdDhzctmsN39viy7sV0cnw7Edv5owaVmdEC58hbjlj6MNHb1mVbTUcOtVYlNOUXQOr&google_hm=DoNHjOtodanECqI026dtAQ
Request Chain 552
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiL9sqPBlIFl4XSlAY* HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQABiL9sqPBqIBEFT3jVp_hhHspukAJZDIJDc* HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiL9sqPBqIBEFT3jVp_hhHspukAJZDIJDc* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=54f78d5a-7f86-11ec-a6e9-002590c82437 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=KW7YzCNHRK0ZCV%2BZ9mlSGw& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=KW7YzCNHRK0ZCV+Z9mlSGw&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=KW7YzCNHRK0ZCV+Z9mlSGw&extra2=aidata&google_gid=CAESEECykeMPcM9OqnjmYe1Naso&google_cver=1
Request Chain 564
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 567
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=oneid9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9oneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=oneid9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9oneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022012716322762824043421X117703V1226132702MSoneid9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9oneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&spid=2022012716322762824043421X117703V1226132702MSoneid9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9oneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&wfid=117703
Request Chain 570
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVEoneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVEoneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022012716322762824043411X117663V1225131106MSoneidAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVEoneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT
Request Chain 574
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043429X117679V1226132702MSoneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022012716322762824043429X117679V1226132702MSoneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679
Request Chain 577
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022012716322762824043475X117663V1225131106MSoneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth
Request Chain 583
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 586
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5Moneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5Moneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043423X117679V1226132702MSoneidKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5Moneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&spid=2022012716322762824043423X117679V1226132702MSoneidKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5Moneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&wfid=117679
Request Chain 589
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012716322762824043405X113752V1225131106MSoneidDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT
Request Chain 593
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidPJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCponeid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidPJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCponeid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043477X117679V1226132702MSoneidPJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCponeid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022012716322762824043477X117679V1226132702MSoneidPJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCponeid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679
Request Chain 596
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012716322762824043409X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth
Request Chain 602
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 605
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYPoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYPoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043415X117679V1226132702MSoneid6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYPoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&spid=2022012716322762824043415X117679V1226132702MSoneid6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYPoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&wfid=117679
Request Chain 608
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012716322762824043473X113752V1225131106MSoneidDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT
Request Chain 611
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=f6458896-c4c0-4f95-8d76-e7e30490e045 HTTP 302
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=b3f53ecb83dc4922a76105b3ef6cd724&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=9c4433cc-c82f-4416-9bab-dec64166040d&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dadmixer%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=admixer&user_id=uXwZMl6SFCi-KvgXXX_90 HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=9c4433cc-c82f-4416-9bab-dec64166040d&gdpr=&consent=&gdpr_pd=
Request Chain 675
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 686
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=e0d259f7-d705-511b-a212-861bc3e03d12&expires=60 HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d
Request Chain 688
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fe0d259f7-d705-511b-a212-861bc3e03d12 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/e0d259f7-d705-511b-a212-861bc3e03d12 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/e0d259f7-d705-511b-a212-861bc3e03d12?redir-setuniq=1

676 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
newsyou.info/ 		105 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
b390b7721c921342a5b9867bd563fb86cf465bf7204bcf1fd686014c1b897676

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.2.1
Date
Thu, 27 Jan 2022 15:32:18 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
26673
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Link
<https://newsyou.info/wp-json/>; rel="https://api.w.org/", <https://newsyou.info/wp-json/wp/v2/posts/606533>; rel="alternate"; type="application/json", <https://newsyou.info/?p=606533>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
mainstyle10.css
newsyou.info/ 		36 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/mainstyle10.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
a0a8aafea7c182cd50d239de71da565129cb1110563f5c87ede4f0bdd740008f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:31 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37351
Expires
Thu, 03 Feb 2022 15:32:18 GMT
magnific-popup.css
newsyou.info/wp-content/themes/newsyou/css/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/css/magnific-popup.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:07 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6951
Expires
Thu, 03 Feb 2022 15:32:18 GMT
jquery-1.11.1.min.js
newsyou.info/wp-content/themes/newsyou/js/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/jquery-1.11.1.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95786
Expires
Thu, 03 Feb 2022 15:32:18 GMT
scripts.js
newsyou.info/wp-content/themes/newsyou/js/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/scripts.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
69e7791a1772852a0d705ef8dd343046b2fcc2c67254dc74b99b417f43f8a527

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:10 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23604
Expires
Thu, 03 Feb 2022 15:32:18 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb3fc4da48131833f13ed5fd7635907767360a3a6bc025e880110b2cffc0e4ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52525
x-xss-protection
0
server
cafe
etag
9528372006743916884
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:32:23 GMT
script.js
5h3oyhv838.com/ 		108 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://5h3oyhv838.com/script.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7addd03f65296b66adfc423913f10acbbf697c267dc5b064da2eab0a2e4b2e43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:22 GMT
content-encoding
gzip
x-adsbid-request
mpe_5nzdswzm
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
server
nginx/1.18.0
687qvu678kypn9ors.php
pwkvdk.com/2c07l1291vil0mpy03qh8/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwkvdk.com/2c07l1291vil0mpy03qh8/687qvu678kypn9ors.php
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 10:28:30 GMT
server
nginx/1.14.2
etag
"61dffece-4abc"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
19132
smi.js
jsn.24smi.net/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/smi.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b97744dde2b3ee6ab13cb7626c9b17a2b4e172443540db0ff7eaeb7140ea3d8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 24 Jan 2022 05:30:56 GMT
server
cloudflare
age
241
etag
W/"61ee3990-15e50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6d43088cabb883a0-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 16:28:22 GMT
mzqtqndegu5ha3ddf4ytqobq
codesbro.com/code/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesbro.com/code/mzqtqndegu5ha3ddf4ytqobq
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.199.158 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7919a18a3ac32dc2f961d7a2a64f2bc3cd88508890adeadb6a57e59c5f0e4967
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:23 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
style.min.css
newsyou.info/wp-includes/css/dist/block-library/ 		79 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:37 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80574
Expires
Thu, 03 Feb 2022 15:32:18 GMT
wp-automatic.css
newsyou.info/wp-content/plugins/wp-automatic/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/plugins/wp-automatic/css/wp-automatic.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Tue, 25 Jan 2022 15:09:15 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2713
Expires
Thu, 03 Feb 2022 15:32:18 GMT
jquery.min.js
newsyou.info/wp-includes/js/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/js/jquery/jquery.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:29 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89521
Expires
Thu, 03 Feb 2022 15:32:18 GMT
jquery-migrate.min.js
newsyou.info/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:28 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11224
Expires
Thu, 03 Feb 2022 15:32:18 GMT
main-front.js
newsyou.info/wp-content/plugins/wp-automatic/js/ 		1017 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/plugins/wp-automatic/js/main-front.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Tue, 25 Jan 2022 15:09:19 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1017
Expires
Thu, 03 Feb 2022 15:32:18 GMT
logo.png
newsyou.info/wp-content/themes/newsyou/img/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/logo.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
8dc3b246bdd50fb0e58757d0ea57926403274d2ac4a13ed41b6271a2a8c497d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:08 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24862
Expires
Thu, 03 Feb 2022 15:32:18 GMT
2705000.jpg
newsyou.info/wp-content/uploads/2022/01/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/2705000.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
8d6d630cb04d84da4e3e2e05c99e63487745ea09caf541e0e9063dab1b2c1d15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Wed, 26 Jan 2022 20:55:19 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
141641
Expires
Thu, 03 Feb 2022 15:32:18 GMT
view.png
newsyou.info/wp-content/themes/newsyou/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/view.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9b2e4e684cdadbc294776f003aca54c0b210adabebaf526e8a8201b8846c9a45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15253
Expires
Thu, 03 Feb 2022 15:32:18 GMT
2704900-1.jpg
newsyou.info/wp-content/uploads/2022/01/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/2704900-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
3042b5909bee937146f0f91aa20bdcfb0e2f69e66dec395cc8a8fea141ba8049

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Wed, 26 Jan 2022 20:53:26 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49903
Expires
Thu, 03 Feb 2022 15:32:18 GMT
2704811.jpg
kor.ill.in.ua/m/190x120/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2704811.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8ae863a51c12dd551f5bae030efbf14bd97626cd69bd256056064dee9f2c0bf2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:22 GMT
last-modified
Wed, 26 Jan 2022 09:59:30 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
15242
expires
Thu, 27 Jan 2022 15:37:38 GMT
menum.png
newsyou.info/wp-content/themes/newsyou/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/menum.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c1886d63d3c5161dd67737d6fcc76e041f04ef3e391515b27fa7aa876c6e2e5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3725
Expires
Thu, 03 Feb 2022 15:32:18 GMT
sbtn.png
newsyou.info/wp-content/themes/newsyou/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/sbtn.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
0a4ee12a6285a20bd09b9b9f2c7970f73b5252f6fccf555abdd44528daa9d211

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15582
Expires
Thu, 03 Feb 2022 15:32:18 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5994697028380609
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
119fa737c50473a776516edee3df72742b00338f92a4ccbf0d2e6eb3c57d14b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52489
x-xss-protection
0
server
cafe
etag
14147164396080349824
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:32:23 GMT
998775.jpg
newsyou.info/wp-content/uploads/2022/01/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/998775.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
3e22d1c1d99215388442686c38a44db6488a163a2085cc6d53ee5a310792255d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:19 GMT
Last-Modified
Thu, 27 Jan 2022 07:53:42 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57222
Expires
Thu, 03 Feb 2022 15:32:19 GMT
998785.jpg
newsyou.info/wp-content/uploads/2022/01/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/998785.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
6c715057ef0d6847ff597eed16f540bcc3d3ff40ab8b276722cd6947749c30d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:19 GMT
Last-Modified
Thu, 27 Jan 2022 07:53:03 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56760
Expires
Thu, 03 Feb 2022 15:32:19 GMT
%D0%B8%D0%B7%D0%BE%D0%B1%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5_2022-01-27_094614.png
newsyou.info/wp-content/uploads/2022/01/ 		371 KB
372 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/%D0%B8%D0%B7%D0%BE%D0%B1%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5_2022-01-27_094614.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
1a17af2c701fa22db24d5c1386ae78856736ed1a0f81569bae840a8773232adf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:19 GMT
Last-Modified
Thu, 27 Jan 2022 07:51:53 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
380144
Expires
Thu, 03 Feb 2022 15:32:19 GMT
loader.js
news.2xclick.ru/ 		102 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.2xclick.ru/loader.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
3dbc72572bfe362f39a3252d5c52b44bcf076321f306ee7687939813f83be06c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jan 2022 04:34:33 GMT
Server
nginx/1.10.3
ETag
"61e794d9-4e94"
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=86400
Connection
keep-alive
Content-Type
application/javascript
Content-Length
20116
Expires
Fri, 28 Jan 2022 15:32:23 GMT
newsyou.info.1122348.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
786fee4f218168667336172b2193b3cb92dbfb87954c308883b7d1f61f859eee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
br
cf-cache-status
HIT
age
4027
last-modified
Thu, 25 Nov 2021 11:26:29 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G9DZ08SR8BGF5TQ9
x-amz-id-2
i5NirnDeHwoO0sMdZbvYTPt/whxb3MkXbWfxDUB0yWuHjHFUWhjwcA5k6YQwQz9rYyCrFKkmhYE=
cf-bgj
minify
server
cloudflare
etag
W/"4a5ade7ca18e6cd9b124c7e488981183"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d43088c4e539262-FRA
expires
Thu, 27 Jan 2022 18:32:23 GMT
newsyou.info.1146775.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1146775.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8d71bdcae968558d46992970999923a5644067497dc156f3f888f517a58b9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
br
cf-cache-status
HIT
age
4027
last-modified
Thu, 25 Nov 2021 11:17:38 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G9DJK2JAB6RSG3RF
x-amz-id-2
nX+a3RsWHPialBHmb67T7Y3lYNx49zsFDRQsqeYyypTZJe3mEE9RxJrhHNiGNHLPYRshIMXRJ9E=
cf-bgj
minify
server
cloudflare
etag
W/"954fed81ee1ba109d87b56eb30d13bf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d43088c4e559262-FRA
expires
Thu, 27 Jan 2022 18:32:23 GMT
%D0%9A%D0%9D%D0%94%D0%A0-%D0%B7%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B8%D0%BB%D0%B0-%D0%BD%D0%B5%D0%BE%D0%BF%D0%BE%D0%B7%D0%BD%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9-%D1%81%D0%BD%D0%B0%D1%80%D1%8F%D0%B4-%D0%A1%...
newsyou.info/wp-content/uploads/2022/01/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/%D0%9A%D0%9D%D0%94%D0%A0-%D0%B7%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B8%D0%BB%D0%B0-%D0%BD%D0%B5%D0%BE%D0%BF%D0%BE%D0%B7%D0%BD%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9-%D1%81%D0%BD%D0%B0%D1%80%D1%8F%D0%B4-%D0%A1%D0%9C%D0%98.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
5c99c6aa718e55eb86dc4da4700d6e21c1b2cc21742d1c8a1620c6cabb944532

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Thu, 27 Jan 2022 01:54:27 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31439
Expires
Thu, 03 Feb 2022 15:32:18 GMT
widgets.js
platform.twitter.com/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE4) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:23 GMT
Content-Encoding
gzip
Age
809
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
29180
x-tw-cdn
VZ
Last-Modified
Wed, 19 Jan 2022 19:22:23 GMT
Server
ECS (mil/6CE4)
Etag
"e92bd51c447ba1dbd509a1e23d3a8521+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
1643236823_9570.jpg
newsyou.info/wp-content/uploads/imga6695d8/26-01-22/ 		1003 KB
1003 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/imga6695d8/26-01-22/1643236823_9570.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
fa5e6d87814b03c3030d6cffd0a4e3c01865fc72ac833baa917c5e776873a218

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:19 GMT
Last-Modified
Wed, 26 Jan 2022 22:40:23 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1026830
Expires
Thu, 03 Feb 2022 15:32:19 GMT
1643233163_7264.jpg
newsyou.info/wp-content/uploads/imga6695d8/26-01-22/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/imga6695d8/26-01-22/1643233163_7264.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
44165b160c17455d221eec73d5c50f1d56a37280de0fb00b68e9302bcd4976f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:19 GMT
Last-Modified
Wed, 26 Jan 2022 21:39:23 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106147
Expires
Thu, 03 Feb 2022 15:32:19 GMT
apelsynoviy-sik346352352-740x493-2.jpg
newsyou.info/wp-content/uploads/2022/01/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/apelsynoviy-sik346352352-740x493-2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
d323821624abb4ad37554fcbba8182255feca63eb247a289c69f2e30f4012f9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:19 GMT
Last-Modified
Wed, 26 Jan 2022 11:49:16 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
98112
Expires
Thu, 03 Feb 2022 15:32:19 GMT
https___wworld.com_.ua_wp-content_uploads_2021_03_Skhudnennia-1.jpeg
newsyou.info/wp-content/uploads/2022/01/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/https___wworld.com_.ua_wp-content_uploads_2021_03_Skhudnennia-1.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
b67b9b4083bd8320f5f79b893ca137abcab9bd7e2636d5683e1c34624793956b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Wed, 26 Jan 2022 07:25:07 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49990
Expires
Thu, 03 Feb 2022 15:32:18 GMT
shutterstock_1722584587-e1620325252-740x416-1.jpg
newsyou.info/wp-content/uploads/2022/01/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/shutterstock_1722584587-e1620325252-740x416-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
8f3394934a20dd91925276c7db49a257518ecdf869130c2ff60b471a720f53b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Wed, 26 Jan 2022 11:46:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70291
Expires
Thu, 03 Feb 2022 15:32:18 GMT
https___wworld.com_.ua_wp-content_uploads_2022_01_iajtsia.jpg
newsyou.info/wp-content/uploads/2022/01/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/https___wworld.com_.ua_wp-content_uploads_2022_01_iajtsia.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
8b6d62cc08f25c06b1b5b28694abbf6598e4ad73cdc03127aafd05db8e6a9dcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Wed, 26 Jan 2022 07:23:46 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47312
Expires
Thu, 03 Feb 2022 15:32:18 GMT
%D0%92%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D1%86%D0%B8%D0%B8-%D0%BD%D0%B0%D1%81%D0%BC%D0%B5%D1%80%D1%82%D1%8C-%D0%B7%D0%B0%D0%BC%D0%B5%D1%80%D0%B7-%D0%B8%D0%B7%D0%B2%D0%B5%D1%81%D1%82%D0%BD%D1%8B%D0%B9-...
newsyou.info/wp-content/uploads/2022/01/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/%D0%92%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D1%86%D0%B8%D0%B8-%D0%BD%D0%B0%D1%81%D0%BC%D0%B5%D1%80%D1%82%D1%8C-%D0%B7%D0%B0%D0%BC%D0%B5%D1%80%D0%B7-%D0%B8%D0%B7%D0%B2%D0%B5%D1%81%D1%82%D0%BD%D1%8B%D0%B9-%D1%84%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
4bfd9b887cd8d0cf60b23aacb1247c2878b150b6359c8f7941f6afc9c0a078c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:19 GMT
Last-Modified
Wed, 26 Jan 2022 22:24:27 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51848
Expires
Thu, 03 Feb 2022 15:32:19 GMT
%D0%91%D0%BE%D1%80%D1%80%D0%B5%D0%BB%D1%8C-%D0%BE%D1%82%D1%80%D0%B5%D0%B0%D0%B3%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BB-%D0%BD%D0%B0-%D0%BF%D0%B5%D1%80%D0%B5%D0%B4%D0%B0%D1%87%D1%83-%D0%A0%D0%A4-%D0%BE...
newsyou.info/wp-content/uploads/2022/01/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/%D0%91%D0%BE%D1%80%D1%80%D0%B5%D0%BB%D1%8C-%D0%BE%D1%82%D1%80%D0%B5%D0%B0%D0%B3%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BB-%D0%BD%D0%B0-%D0%BF%D0%B5%D1%80%D0%B5%D0%B4%D0%B0%D1%87%D1%83-%D0%A0%D0%A4-%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D0%BE%D0%B2-%D0%A1%D0%A8%D0%90.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
365989e23708d595d48695140aeb2e048686a7c2839563da0f3bb91cb8b74fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:19 GMT
Last-Modified
Thu, 27 Jan 2022 04:55:27 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67107
Expires
Thu, 03 Feb 2022 15:32:19 GMT
g46-3.jpg
newsyou.info/wp-content/uploads/2021/12/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/g46-3.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
00eb80989f249410ce3176bb7b305ca033847b5018eb6a13a3eccb849e91f3a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:19 GMT
Last-Modified
Thu, 30 Dec 2021 08:20:06 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72151
Expires
Thu, 03 Feb 2022 15:32:19 GMT
newsyou.info.1127375.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1127375.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
405010abddf7924481a04049bd7d38e476e3527cb0fbd4f5bdfbd0fef3f32b4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
br
cf-cache-status
HIT
age
5074
last-modified
Thu, 02 Dec 2021 15:36:34 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CMYXVPKAQ2D6YRZX
x-amz-id-2
11Td+vldGs1zdVXyxnvR8tPiU3RPOHzsEaTkyESEuN7UVXI1225RVDe90AevK84kvzMJ+9dHRCQ=
cf-bgj
minify
server
cloudflare
etag
W/"e1a0f2662b15c48f74c46f00599da0af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d43088c4e5b9262-FRA
expires
Thu, 27 Jan 2022 18:32:23 GMT
%D0%9A%D0%BE%D1%80%D0%B8%D0%B4%D0%BE%D1%80%D1%8B-%D0%B7%D0%B0%D1%82%D0%BC%D0%B5%D0%BD%D0%B8%D0%B9-%D0%B2-2022.jpeg
newsyou.info/wp-content/uploads/2022/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/%D0%9A%D0%BE%D1%80%D0%B8%D0%B4%D0%BE%D1%80%D1%8B-%D0%B7%D0%B0%D1%82%D0%BC%D0%B5%D0%BD%D0%B8%D0%B9-%D0%B2-2022.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
ed33f4e9416dd896ef6b963935988b1b97daf3729899c1d189ac476cd64aea81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:19 GMT
Last-Modified
Thu, 27 Jan 2022 03:22:28 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6885
Expires
Thu, 03 Feb 2022 15:32:19 GMT
%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%BD%D0%B0-%D0%BF%D1%8F%D1%82%D0%BD%D0%B8%D1%86%D1%83-14-%D1%8F%D0%BD%D0%B2%D0%B0%D1%80%D1%8F-2022.jpg
newsyou.info/wp-content/uploads/2022/01/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%BD%D0%B0-%D0%BF%D1%8F%D1%82%D0%BD%D0%B8%D1%86%D1%83-14-%D1%8F%D0%BD%D0%B2%D0%B0%D1%80%D1%8F-2022.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
3606f2a6bd75bf3cd1db03fa0853ec2289312b26f33b8e2d99c543a5bdcc25fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Thu, 13 Jan 2022 10:00:06 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78802
Expires
Thu, 03 Feb 2022 15:32:18 GMT
f51a14907d88d9e316cabb8cdd0daf72.jpeg
newsyou.info/wp-content/uploads/2022/01/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/f51a14907d88d9e316cabb8cdd0daf72.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
eeadec76a19d9fa4f968ac0d16090fde842b4b8c32bcb5329679f9a1fee0542b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Wed, 26 Jan 2022 20:02:25 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76671
Expires
Thu, 03 Feb 2022 15:32:18 GMT
image-13-8.jpg
newsyou.info/wp-content/uploads/2022/01/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/image-13-8.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
caf67d3a291567f01818e6d5a6c1397cd7e20abf7c03962ee8244016410b213c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:19 GMT
Last-Modified
Wed, 26 Jan 2022 19:14:28 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26160
Expires
Thu, 03 Feb 2022 15:32:19 GMT
tar.png
newsyou.info/wp-content/uploads/2021/12/ 		451 KB
451 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/tar.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
46f42c3bacdf581f8c4f782e77f341102bf127241ae4e724fc6f2066f9704b96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Tue, 14 Dec 2021 18:22:06 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
461812
Expires
Thu, 03 Feb 2022 15:32:18 GMT
newsyou.info.1024868.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1024868.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad9efa7148c3b033e0430aa47c0d7279c5fb9ae699f34cc794b361bc96171cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
br
cf-cache-status
HIT
age
5074
last-modified
Thu, 25 Nov 2021 11:57:25 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G9DXJ22CTT1HFGEB
x-amz-id-2
KBM2IoZagkR3I4vRH0tMTVzsfUhjmwmBWAqr8Kh3XsCq1ZpEYQ/+ROEdrAWVkcyeKM3/4fZY49Y=
cf-bgj
minify
server
cloudflare
etag
W/"49a1b7d557a988c4e4f78eb5f865547e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d43088c5e6a9262-FRA
expires
Thu, 27 Jan 2022 18:32:23 GMT
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
200269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2695
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-31fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMvmnA5JSEWN7le6AjNVXtZLw%2BYQ8%2F2iSlC6VWQLmHNo2roUO0z281d5uEioH%2FW48dy6i1b50xdqyLs5SElpE17EHuVaf2yJ4uSqYZCNdJawUy%2F9lLLLUsirqkivjXak1ADGyhsr3D%2BK4SVenLCEBrTX"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d43088bff0b9013-FRA
expires
Tue, 17 Jan 2023 15:32:23 GMT
jquery.fancybox.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		157 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
46560
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32145
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-2739b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myLh7sMmOQG6hYMrgUVvGdypFuwEGtPWb9JpRtR4V8urtzzRtTM4yzbDPd7O400nMuqkLzx87IEaFm6ogZuUD82Yae%2FrmUkCydsq7HKFr5EP1v9O3TI5BPdgvlRZ7yJhoyTZ%2BUzTGVqFg4n5dC3LSxOi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d43088bff0e9013-FRA
expires
Tue, 17 Jan 2023 15:32:23 GMT
rotator.js
newsyou.info/wp-content/themes/newsyou/js/ 		207 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/rotator.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
03f2a36140bb0fcd71f5997bef76bcfc187184b0efbd7cfc40dc1143563fb865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:10 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
207
Expires
Thu, 03 Feb 2022 15:32:18 GMT
hEIi.js
leokross.com/tzl/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leokross.com/tzl/hEIi.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ae07ae363826bb4478d2028eebbf5b01267fa4afa9af5aec85e00ac13c3e8736

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 09:25:26 GMT
server
nginx
etag
W/"618ce186-b8fc"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=60
content-type
application/javascript
x-variti-ccr
525217204:1
expires
Thu, 27 Jan 2022 15:33:23 GMT
media
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
8936e16a9417d942b3aecb5898c9dd58041d4843f65d42769521e4cbcfb280e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
truncated
/ Frame 5AD7 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
sdk.js
connect.facebook.net/ru_RU/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6bd227955dbac482696a5b0a64e8cc0e55e7847512840d6d10fbffd87a1942b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
TRgX4EqKr+5KV5TfnFhXGg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Thu, 27 Jan 2022 15:50:53 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
TDJassWIFFIa7C+BDhVBg/f3q6KJepvMgsBUlsJw09q/UKzy3LeU1Ufu60oLBxqQ6qz0WoUEO3aJIvD2CT4YRg==
x-fb-trip-id
720026100
x-fb-content-md5
2f3e817db554dcf10d2873219ec08c47
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 27 Jan 2022 15:32:23 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"b0512e3c8837ef9c0171c744a37207dc"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
b286ae57.js
pbkqidejmes.ru/pixels/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pbkqidejmes.ru/pixels/b286ae57.js
Requested by
Host: 5h3oyhv838.com
URL: https://5h3oyhv838.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9fd72153ba3e8a36d7e6a93d9bd5acb61f8f1cde905b95955a10761aa7e3636d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store
last-modified
Mon, 20 Dec 2021 09:18:45 GMT
server
nginx/1.18.0
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
menu.png
newsyou.info/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/img/menu.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/mainstyle10.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
23c457922f48e6e7385c0f6752ef457269b4e82fe464e643c68c295679ed858a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/mainstyle10.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:32 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2563
Expires
Thu, 03 Feb 2022 15:32:18 GMT
vunit
a4p.adpartner.pro/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/vunit?id=7459&0.023610469831072844
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
56ace3c3427288e2c4136823c3a7ddf32acdfbfa556cc69de8ec1a240f918b7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
101e1169-3c53-4c21-96d6-6a2bdd5d6b63
video.ridus.ru/player/ Frame 1ED3 		57 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.254.189.130 , Russian Federation, ASN59504 (Hosting vpsville.ru, RU),
Reverse DNS
vps125001.vpsville.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
77359fb1be4169e497aa3f0d95db27545138343eba92589f8b27891eea6b3424
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 27 Jan 2022 15:32:23 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-XSS-Protection
1; mode=block
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
0
X-Application-Context
application:8886
Content-Language
de-DE
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Content-Encoding
gzip
997978.jpg
newsyou.info/wp-content/uploads/2022/01/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2022/01/997978.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
4abacf83d9bda82ac7e00562f7a742d36500fbcc763bbcad563146367fc57a16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:18 GMT
Last-Modified
Wed, 26 Jan 2022 17:54:23 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35323
Expires
Thu, 03 Feb 2022 15:32:18 GMT
index.php
telegram.im/widget-button/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 27 Jan 2022 15:32:22 GMT
Server
nginx
Strict-Transport-Security
max-age=0
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
jsunit
a4p.adpartner.pro/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7460&ref=&0.3248512539478996
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
f5a313736b50d48f81f0f80f58583ae930af91bfbaa5f6fa251142926015c09b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5876&r=0.09707633312054242
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
ff5519f34c597a797a11305ff631c3f1e8f6dd88379f1027d4a129a8c8e357c7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
13245.js
jsn.24smi.net/d/6/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/d/6/13245.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887141ac69ccb8ecfaddb08bf1a9c90e7e29b95e6e922517d3e0361c9cec48da
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
114
etag
W/"6152c8b3-c46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6d43088cfca683a0-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 16:30:29 GMT
jsunit
a4p.adpartner.pro/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2489&ref=&0.6915893531319681
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
cfe2d4458c85c745953b0c08a83637cd9ea36ee1692489c37e0a1671b949c5f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7880&r=0.31585156593416985
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
b18ae28b560a2ae577e41ff4900508751852e230b8208cea3d1964de850ef1bd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
13267.js
jsn.24smi.net/4/0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/4/0/13267.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c204114b876a9686bc7ed4d2cf1c5afb633128d28d9297076c46133531cbae0d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
114
etag
W/"6152c8b3-b81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6d43088d0cb583a0-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 16:30:29 GMT
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7884&r=0.04942750067753199
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
5effc33fde9d03440d32ea66c88a27cc7bca7f82efb791039b9b6688e4294187
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7760&ref=&0.13083249191357216
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
a1b1f7ad22581667142351286e70948d2a0632ccf6882c00e981f03ef83776f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
13248.js
jsn.24smi.net/e/7/ 		2 KB
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/e/7/13248.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fc60c1d200f53aee72e8063192aaa53443dcdd7fc6d77038dbbcad76b5989e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
114
etag
W/"6152c8b3-900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6d43088d0ccf83a0-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 16:30:29 GMT
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=6822&r=0.40425530571550405
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
cd47e3d673d72298c0518c4b3d99ec9bfffb3a1cabfe824e2f6559d53029e09c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7858&ref=&0.6737971205706019
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
c3b35e5bd9b98444134f837646351530dbad1aafabf7c123103d71d106207203

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=5687&ref=&0.3844579055057815
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
2765e7a2734a6719d3b846e7c6b316bc01d4a9f57bf4c4892de14685005c579c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO;0.43146069365764683
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO;0.43146069365764683
147 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO;0.43146069365764683
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
1b037b77799e97db94ff9f268f42cfba560d87c5b9e066277a66a4c3bba02408
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:36 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
147
Expires
Tue, 26 Jan 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:36 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO;0.43146069365764683
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 26 Jan 2021 21:00:00 GMT
3_3_1.png
i.i.ua/r/
Redirect Chain
  • https://r.i.ua/s?u224079&p264&n0.1330652451423926&c1&d24&w1600&h1200&rnewsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
  • https://i.i.ua/r/3_3_1.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.i.ua/r/3_3_1.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Server
91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
sh02.mi6.kiev.ua
Software
nginx /
Resource Hash
0667c9b68ef073ed98e3e67e7826cb617f7f04d6d253193afda8a8729e63ea3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:23 GMT
Last-Modified
Mon, 19 Mar 2007 13:53:49 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1233
Expires
Fri, 27 Jan 2023 15:32:22 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:23 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Location
https://i.i.ua/r/3_3_1.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Expires
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7049
date
Thu, 27 Jan 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 27 Jan 2022 15:34:54 GMT
tag.js
mc.yandex.ru/metrika/ 		198 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
br
last-modified
Wed, 26 Jan 2022 15:48:14 GMT
etag
"61f1430e-10e38"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69176
expires
Thu, 27 Jan 2022 16:32:23 GMT
close.gif
newsyou.info/img/ 		83 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/img/close.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/mainstyle10.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
4753f90bdfdad30a348172526d878688da5f17f2798d68349c1e361114ce8378

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/mainstyle10.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:19 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:32 GMT
Server
nginx/1.2.1
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83
Expires
Thu, 03 Feb 2022 15:32:19 GMT
/
leokross.com/ 		19 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://leokross.com/
Requested by
Host: leokross.com
URL: https://leokross.com/tzl/hEIi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
9460a8d9acd74362273238c1b1e49fb058f44e482e4b22492540d735e556fc60

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
525217204:2
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
utarget.ru/ranging/00cb2399e4/js/ 		50 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utarget.ru/ranging/00cb2399e4/js/?rand=1737&cookie=0
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
utarget.pro
Software
nginx /
Resource Hash
13bebae9151b25db0d3b04fcffa4031f54fdfd3855d709c227de488e15fddb0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:23 GMT
Server
nginx
P3P
CP="NON DSP COR CURa TIA"
Vary
Accept-Language, Cookie
Content-Language
ru
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/html; charset=utf-8
6ed056a9.js
pxksnymto.ru/pixels/ 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxksnymto.ru/pixels/6ed056a9.js
Requested by
Host: leokross.com
URL: https://leokross.com/tzl/hEIi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bff6fe2953477c19b112787a90875cba98f8fc5204e4c455fa3a70f700188269

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store
last-modified
Mon, 20 Dec 2021 09:18:45 GMT
server
nginx/1.18.0
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/ 		284 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c523db52f9286cb3ea7ecfc15f5ec3b8f1751ff76577d47a2b8ebb9b8b2abe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104674
x-xss-protection
0
server
cafe
etag
15821355007228485488
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:32:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/ Frame 9069 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Wed, 26 Jan 2022 15:59:58 GMT
expires
Wed, 09 Feb 2022 15:59:58 GMT
cache-control
public, max-age=1209600
age
84745
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
z
s.zmctrack.net/ Frame E381 		52 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
18e54970c798f19562b1a660b78ded66dc7d01fd2645fbaee30ff124d221abe6

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23805
expires
Thu, 01 Jan 1970 00:00:01 GMT
newsyou.info.1146775.es6.js
jsc.mgid.com/n/e/ 		240 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
640326025d71b72e26143c8c6a675e93fe1f91e30546465dd0a66ec79a9423fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
br
cf-cache-status
HIT
age
529
last-modified
Thu, 02 Dec 2021 15:50:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
326E4JEHN2167RNE
x-amz-id-2
KH1XNkJOfKM8IzG2PuOCyAOzBpA6L+4QFH0EQ1e68ByC57Grv5dlEyGzi0e6kUUJM5R4e9Qz/3Q=
cf-bgj
minify
server
cloudflare
etag
W/"bc159291689d374b57f73dde254fa617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d43088ddd4668e5-FRA
expires
Thu, 27 Jan 2022 18:32:23 GMT
newsyou.info.1122348.es6.js
jsc.mgid.com/n/e/ 		239 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
br
cf-cache-status
HIT
age
504
last-modified
Thu, 02 Dec 2021 15:43:24 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0ZDRC3K0AFR1G57C
x-amz-id-2
CZ3T8yFPiY0jrQ12KXYYJrG2RmHgPn6coC6aylbEPSwQ41s7h3Sd7mlvEyzxlfGuy1nK/jsq/Ik=
cf-bgj
minify
server
cloudflare
etag
W/"3549c59b252a1dff4f0ed90218a6b365"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d43088ddd4468e5-FRA
expires
Thu, 27 Jan 2022 18:32:23 GMT
newsyou.info.1127375.es6.js
jsc.mgid.com/n/e/ 		258 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1127375.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1127375.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a91fb7b3751e54fc8c83379f84ae44b43bba458687255e4dc82b3ea4f259ea8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
br
cf-cache-status
HIT
age
529
last-modified
Thu, 02 Dec 2021 15:36:34 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
F9N8J155KG853J1W
x-amz-id-2
OQ3RGeGPd0I0K2fD0kuiUcwidUL/qcAQr09bxY+5NmqGm0EBP+/4Fn3HWleAlz4p+/czHStjZfk=
cf-bgj
minify
server
cloudflare
etag
W/"2a51e8a72eafa90d98d062fe3c090ed8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d43088ddd4268e5-FRA
expires
Thu, 27 Jan 2022 18:32:23 GMT
85309c14ca19686-1627575410_s.jpg
img-light.com/upload/202107/2fee5c11784350fd/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-light.com/upload/202107/2fee5c11784350fd/85309c14ca19686-1627575410_s.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c78e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188f152805f768bf93f7d7e92bb712d22af33698b52f5973c38721c1eaad9943

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
access-control-allow-methods
GET, POST, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3189
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11146
last-modified
Thu, 29 Jul 2021 16:16:50 GMT
server
cloudflare
etag
"6102d472-2b8a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JRK8g3%2Btck4b2wGjZ7wEvNbPXjKiuln0evkZIR2d6lzWGAkqfBM51JyJ%2Ffl8N8tcS6eVO26iv46Rfhhmuz21skLlF%2BPYqhn4FO8QTMOvZZZuUqIfy2Hv7a34MKwNXqVHfZpMLTVrg4%2FS7m2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
http://img-light.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d43088df8e55b74-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
9c90f3a83bc88a9-1634130309_s.jpg
img-light.com/upload/202110/8fffae6d6c988401/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-light.com/upload/202110/8fffae6d6c988401/9c90f3a83bc88a9-1634130309_s.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c78e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f98440b23d6e092b2088103dabd50a4091af72187cb61399301b2778dca1b6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
access-control-allow-methods
GET, POST, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2606
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15556
last-modified
Wed, 13 Oct 2021 13:05:09 GMT
server
cloudflare
etag
"6166d985-3cc4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIz3bYnyyRNgxIYAlWTAIHFxe9%2FQvG9e8z3oN7rxgImN9gcSBZ%2BpzngxEGnxVJl8E5caj8c9cV6xg0aAMyF6TfIrosMm3O11yB603CxMnhqxDnKnOX%2BB%2Be%2BV%2B1Gx0obxmkd8i5a9JCBvvr%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
http://img-light.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d43088df8e85b74-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
6da83f05d92970d-1628857864_s.jpg
img-light.com/upload/202108/360c70c3abe237a6/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-light.com/upload/202108/360c70c3abe237a6/6da83f05d92970d-1628857864_s.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c78e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
627a8966b58f68d23f4129cb264b47f19a8f391429a7cc8e05f96c5481ff37fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
access-control-allow-methods
GET, POST, OPTIONS
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10289
last-modified
Fri, 13 Aug 2021 12:31:04 GMT
server
cloudflare
etag
"61166608-2831"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhO3aeu%2BcCmCctmVeGwV35MyK6Fpqth7WmjRAAv%2FYukX8NZ57j0OYF7tm58qPFw4AlpzN21TStOqC2l7e0O4USjyxa1Zhp4HEy8JSOSgP%2FfgEP4ONikM5CWHq2qJYwsFFM%2BDo4XaMghuAe3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
http://img-light.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d43088eafbb599b-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
newsyou.info.1024868.es6.js
jsc.mgid.com/n/e/ 		241 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1024868.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3117ef8de99c385baec23e1ff509a1cbdb1efec22548af8218108e58a9669216

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
br
cf-cache-status
HIT
age
529
last-modified
Thu, 02 Dec 2021 15:01:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
EKNC2B056DVH381Q
x-amz-id-2
YoWbhVXUKecBzFeX+qTy0G0/QGN72sA2N5Hh7rsY2eelGDMKodHQNpiElPqbCwXtXt6ehycXwoE=
cf-bgj
minify
server
cloudflare
etag
W/"04e832b814fb49973f6ea86d571d84a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d43088e3df968e5-FRA
expires
Thu, 27 Jan 2022 18:32:23 GMT
sdk.js
connect.facebook.net/ru_RU/ 		285 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=ec068f77318c01b28cebc4642025e3f7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f1630b05ad6b3cfa55d0ff023eecc5f88c987af34e131f29d2184c3dca54492e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ObJH6KpFGkGjENGJcMC9jw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Fri, 27 Jan 2023 13:44:24 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82137
x-fb-rlafr
0
x-fb-debug
HYhfv4ku5RdPhn6Xyw6pwOIs1WrcBqacH3LQ7eShe50AALFDBRRJzfrv8reva7xGgi3s6Ly11rwl7RRoqaYqxw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
244677e113f25b53c1e7ce1da82bbd88
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:23 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"4a551ec7a2b6cfd6e48452ef96e24c21"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
tt
a4p.adpartner.pro/ Frame F3CF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&referer=undefined&
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7460&ref=&0.3248512539478996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store no-transform
ls
a4p.adpartner.pro/jsunit/ Frame 2DA5 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=610&screen_width=1600&reload_count=0&banner_num=1643297543174424053&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7460&ref=&0.3248512539478996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
1e76dce64a976f22f41b037fb0389474d301af51005cc41537300206a4b60d64

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:23 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
vunit.min.js
a4p.adpartner.pro/apstc/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/vunit.min.js?v=1.1.416
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=7459&0.023610469831072844
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store no-transform
last-modified
Wed, 26 Jan 2022 14:40:11 GMT
server
nginx
content-encoding
br
etag
W/"61f15d4b-c158"
content-type
application/javascript
ls
a4p.adpartner.pro/vunit/ Frame 47E6 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/vunit/ls?vunit=7459&bannerNum=18598623110562372&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=7459&0.023610469831072844
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
559951c03906bc44cc9cfa137af9b9e7c47296cb1b7b2f082fcc921c627168dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:23 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
media.min.js
a4p.adpartner.pro/apstc/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.416
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store no-transform
last-modified
Wed, 26 Jan 2022 14:40:11 GMT
server
nginx
content-encoding
br
etag
W/"61f15d4b-3ac0"
content-type
application/javascript
ls
a4p.adpartner.pro/media/ Frame 3264 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
8198f85d22ef4ca10a2ad33821d24b2cb60f5951698eb151c2089c5e8e30c139

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:23 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
ls
a4p.adpartner.pro/jsunit/ Frame 6767 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=610&screen_width=1600&reload_count=0&banner_num=1643297543206800085&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=2489&ref=&0.6915893531319681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
547df87f4e2181df1d1f8d99ca91fb09d503756391a44b5f5bbbf581a6c74e4b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:23 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
ls
a4p.adpartner.pro/jsunit/ Frame FC92 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7760&unit_id=7880&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=300&screen_width=1600&reload_count=0&banner_num=1643297543213313552&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7760&ref=&0.13083249191357216
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
34484acfdb270ba1f8e8cdc4730461ead417609a5a495566c688da8cad1fa2b9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:23 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
ls
a4p.adpartner.pro/jsunit/ Frame E984 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7883&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=300&screen_width=1600&reload_count=0&banner_num=1643297543234041153&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7858&ref=&0.6737971205706019
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
4df5c2eb2d24db25323c14e5f5325055c905bd1f1a999ac36b1f35a89057811e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:23 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
ls
a4p.adpartner.pro/jsunit/ Frame 8238 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=5687&unit_id=6566&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=300&screen_width=1600&reload_count=0&banner_num=1643297543233919429&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=5687&ref=&0.3844579055057815
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
c7d8dc8d45c3367c5b3de62a0b6c693c16671df2bbfecfe274b7a9e63900fa08

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:23 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
cfg
data.24smi.net/ 		392 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13267&ver=29&pio=true&pps=true&callback=__smiCb1643297543630
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Nootdorp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
9a619aa7f52b56c57622b82d743a36de303dc3d54b4b9091c4f65d413fd0a70f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
cfg
data.24smi.net/ 		392 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13245&ver=29&pio=true&pps=true&callback=__smiCb1643297543631
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Nootdorp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
fdf5338d4f291bc32f81ce7560eda9ec192bf120d2ee02743c8984d8faa65ae6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
cfg
data.24smi.net/ 		392 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13248&ver=29&pio=true&pps=true&callback=__smiCb1643297543632
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Nootdorp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
403538a0edbf91ae0c895b591716f99022985c5169bd74c6e61e4ae71ec4c38f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1968516418&t=pageview&_s=1&dl=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1296329708&gjid=2044216451&cid=274054083.1643297544&tid=UA-80712032-1&_gid=1146684044.1643297544&_r=1&_slc=1&z=718678744
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsyou.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cfg
data.24smi.net/ 		391 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=14482&ver=29&pio=true&pps=true&callback=__smiCb1643297543633
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Nootdorp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
69e4905a7f490fa3be1fabfa33b099036279b2f7727abda5d50daaf468951d6b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
no-store
server
nginx
content-length
391
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
pclicks.js
prodmp.ru/ 		0
223 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks.js
Requested by
Host: pbkqidejmes.ru
URL: https://pbkqidejmes.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.95.134 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/javascript
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
widget-button.css.php
telegram.im/widget-button/ 		2 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/widget-button.css.php
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:23 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0
fonts.css
telegram.im/widget-button/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/fonts.css
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 09:05:17 GMT
Server
nginx
ETag
W/"58b29a4d-f47"
Strict-Transport-Security
max-age=0
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 03 Feb 2022 15:32:23 GMT
style.css
telegram.im/widget-button/ico/ 		1 KB
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/ico/style.css
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 09:02:08 GMT
Server
nginx
ETag
W/"58b29990-42b"
Strict-Transport-Security
max-age=0
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 03 Feb 2022 15:32:23 GMT
WidgetTelegramButton.min.js
telegram.im/widget-button/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/WidgetTelegramButton.min.js
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 21:40:46 GMT
Server
nginx
ETag
W/"58b34b5e-c56c"
Strict-Transport-Security
max-age=0
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 03 Feb 2022 15:32:23 GMT
/
utarget.ru/is_clickunder/ 		16 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://utarget.ru/is_clickunder/
Requested by
Host: utarget.ru
URL: https://utarget.ru/ranging/00cb2399e4/js/?rand=1737&cookie=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
utarget.pro
Software
nginx /
Resource Hash
fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:23 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Vary
Cookie, Accept-Language
Content-Language
ru
cookie.js
partner.googleadservices.com/gampad/ 		216 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=newsyou.info&callback=_gfp_s_&client=ca-pub-5994697028380609
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
04a52974d4a13710503badb4b5e1cda3fcb0dbd11183fc97e7869e2db19d4f6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 15:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7233 		66 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&adk=1812271804&adf=1573534164&lmt=1643297543&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543207&bpp=3&bdt=737&idt=564&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3153388284000&frm=20&pv=2&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=582
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bd485f0fd0abfd08c4f634047990358700c64697843afee1eb92bdb03b3157e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 27 Jan 2022 15:32:23 GMT
server
cafe
content-length
14824
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 27 Jan 2022 15:32:23 GMT
cache-control
private
npm-monitoring
openfpcdn.io/fingerprintjs/v3.3.1/ 		0
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3.3.1/npm-monitoring
Requested by
Host: pbkqidejmes.ru
URL: https://pbkqidejmes.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:59:30 GMT
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Wed, 08 Dec 2021 08:59:30 GMT
server
CloudFront
age
4343573
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=590808, s-maxage=30310003
x-amz-cf-pop
DUS51-P1
content-length
0
x-amz-cf-id
_saLVXrBYVytGFVLQlhTgj2qZxWEVxdpQq4jRsHVrEuz-DtsP3goag==
render
pwkvdk.com/v1/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pwkvdk.com/v1/render?surfer_uuid=57ad2f86-963d-400e-bf28-a829f11811ea&referrer=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&page_load_uuid=80ce4c3a-46d5-46ee-8017-5809b61d414f&page_depth=1&q3uc8yn188=5eca6fba-9cbb-4f45-9572-32cf84077d45&block_uuid=5eca6fba-9cbb-4f45-9572-32cf84077d45&refresh_depth=1&safari_multiple_request=130
Requested by
Host: pwkvdk.com
URL: https://pwkvdk.com/2c07l1291vil0mpy03qh8/687qvu678kypn9ors.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5b06a4236625e9c6aa6c8458c7df695539d7a1c931b9cd652e3dd9ca43fd689b

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
pwkvdk.com/v1/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pwkvdk.com/v1/render?surfer_uuid=57ad2f86-963d-400e-bf28-a829f11811ea&referrer=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&page_load_uuid=80ce4c3a-46d5-46ee-8017-5809b61d414f&page_depth=1&q3uc8yn188=1005d6d5-8587-4044-84b7-f49ce1b590da&block_uuid=1005d6d5-8587-4044-84b7-f49ce1b590da&refresh_depth=1&safari_multiple_request=432
Requested by
Host: pwkvdk.com
URL: https://pwkvdk.com/2c07l1291vil0mpy03qh8/687qvu678kypn9ors.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
ee42810653ae6607359eb0296f06ff7ffdd36838ca17b282c0cba262bce526a4

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
pwkvdk.com/v1/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pwkvdk.com/v1/render?surfer_uuid=57ad2f86-963d-400e-bf28-a829f11811ea&referrer=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&page_load_uuid=80ce4c3a-46d5-46ee-8017-5809b61d414f&page_depth=1&q3uc8yn188=3547ed36-7c1a-4c24-ba38-9664321b8855&block_uuid=3547ed36-7c1a-4c24-ba38-9664321b8855&refresh_depth=1&safari_multiple_request=601
Requested by
Host: pwkvdk.com
URL: https://pwkvdk.com/2c07l1291vil0mpy03qh8/687qvu678kypn9ors.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
197cf23522be7aa20c00d1e9de90a2a5cb08082989f9bd1130a70c1f80b0177b

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
pwkvdk.com/v1/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pwkvdk.com/v1/render?surfer_uuid=57ad2f86-963d-400e-bf28-a829f11811ea&referrer=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&page_load_uuid=80ce4c3a-46d5-46ee-8017-5809b61d414f&page_depth=1&q3uc8yn188=3c625efe-9cd7-4984-b8ff-0ac328698b2c&block_uuid=3c625efe-9cd7-4984-b8ff-0ac328698b2c&refresh_depth=1&safari_multiple_request=869
Requested by
Host: pwkvdk.com
URL: https://pwkvdk.com/2c07l1291vil0mpy03qh8/687qvu678kypn9ors.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f80ff6111a2b83f8b439ade40821c168a0a97d506607a374140bc28e4eba4f20

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
pwkvdk.com/v1/ 		32 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pwkvdk.com/v1/render?surfer_uuid=57ad2f86-963d-400e-bf28-a829f11811ea&referrer=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&page_load_uuid=80ce4c3a-46d5-46ee-8017-5809b61d414f&page_depth=1&q3uc8yn188=c0a8ed84-a54b-489b-89d5-0615217d2847&block_uuid=c0a8ed84-a54b-489b-89d5-0615217d2847&refresh_depth=1&safari_multiple_request=841
Requested by
Host: pwkvdk.com
URL: https://pwkvdk.com/2c07l1291vil0mpy03qh8/687qvu678kypn9ors.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
a5e6ae784afecb52d95c4460d9c16d8e3ed26714b42b43eec57824297946bc86

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
/
loadercdn.net/ 		0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=b9dc0a10369944bb&d=newsyou.info
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:23 GMT
server
openresty
zaglushka-top.php
newsyou.info/wp-content/themes/newsyou/ads/ Frame 2705
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1643297543&psa=0&fo...
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
47da719551bc09d8b7abad998f12535e5806007b8bd0ca0e3717ec05d1efe90b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
nginx/1.2.1
Date
Thu, 27 Jan 2022 15:32:20 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1113
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 27 Jan 2022 15:32:24 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=212162&f=2&ref=https%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&gw=610&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
7d9bcc81e48b4112faf64e433f9e0cebc46dfd0d6e6d161d443925bcdff7ee7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:24 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
npm-monitoring
openfpcdn.io/fingerprintjs/v3.3.1/ 		0
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3.3.1/npm-monitoring
Requested by
Host: pbkqidejmes.ru
URL: https://pbkqidejmes.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:59:30 GMT
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Wed, 08 Dec 2021 08:59:30 GMT
server
CloudFront
age
4343573
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=590808, s-maxage=30310003
x-amz-cf-pop
DUS51-P1
content-length
0
x-amz-cf-id
I_MznLlhQbnuP9lcGAStFcw0ST4Z8wrYfU1-Cemclbmz-VuWl-LMzw==
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9531.CtFRba5MtPCROdN7T26L8C511TbR2vMFwm-xtCxZHd75E79PKCUHhs1nhyOT3hcZ.Rd2lE-f2VhrX7-N1OZEwuxBLCmI%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9531.LBEMfywGdUoe32zNTvn_5hR4UqDZfsXXAVB9vBaR2FxeaGnp8H0DlsSfhXgRZsdSfb3DHLMxQSM1Ve7EINn-bw%2C%2C.s1vEAsB0vc7dmZqm7V9BR7aR1Rg%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9531.LBEMfywGdUoe32zNTvn_5hR4UqDZfsXXAVB9vBaR2FxeaGnp8H0DlsSfhXgRZsdSfb3DHLMxQSM1Ve7EINn-bw%2C%2C.s1vEAsB0vc7dmZqm7V9BR7aR1Rg%2C
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9531.LBEMfywGdUoe32zNTvn_5hR4UqDZfsXXAVB9vBaR2FxeaGnp8H0DlsSfhXgRZsdSfb3DHLMxQSM1Ve7EINn-bw%2C%2C.s1vEAsB0vc7dmZqm7V9BR7aR1Rg%2C
date
Thu, 27 Jan 2022 15:32:24 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
zaglushka-center.php
newsyou.info/wp-content/themes/newsyou/ads/ Frame 588B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=1263093664&adf=1828759177&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11...
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
199219a286886204cb63366914c6e1e1a29cae3626805565499868d088ace98c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
nginx/1.2.1
Date
Thu, 27 Jan 2022 15:32:19 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1157
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 27 Jan 2022 15:32:24 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
advert.gif
mc.yandex.com/metrika/ 		43 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Wed, 26 Jan 2022 15:48:14 GMT
etag
"61f1430e-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 27 Jan 2022 16:32:24 GMT
1280.js
jsn.24smi.net/d/6/13245/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/d/6/13245/1280.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8bcbffbb8d6c67382224ce3dcc606693d1ffe08545805c167be22f9f0ab12fa
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 27 Jan 2022 15:25:49 GMT
server
cloudflare
age
317
etag
W/"61f2b97d-13f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6d4308932dca914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 16:27:07 GMT
1282.js
jsn.24smi.net/e/7/13248/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/e/7/13248/1282.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
417fd63c23a7c6e249b54002e965c6d3eda19e06b84a4ae80e226021ed2ac9a6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 27 Jan 2022 15:20:48 GMT
server
cloudflare
age
230
etag
W/"61f2b850-11b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6d4308932dd2914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 16:28:34 GMT
783.js
jsn.24smi.net/b/0/14482/ 		54 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/b/0/14482/783.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7dea60fa923ab7d7120f0c2e05888e781939006d0777b63ef9148ebdd623f2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 27 Jan 2022 15:25:26 GMT
server
cloudflare
age
228
etag
W/"61f2b966-d62c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6d4308932dcc914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 16:28:36 GMT
1281.js
jsn.24smi.net/4/0/13267/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/4/0/13267/1281.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30711901769b5fad09214da2177589c15425a1748c77d332334fd15ed7859b9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 27 Jan 2022 15:20:48 GMT
server
cloudflare
age
230
etag
W/"61f2b850-118a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6d4308932dcf914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 16:28:34 GMT
zaglushka-center2.php
newsyou.info/wp-content/themes/newsyou/ads/ Frame D367
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=1263093664&adf=1544427955&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11...
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center2.php
171 B
389 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center2.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
6e6155f0fa718000a44c255b2b93cf36e3a7d63f6119f0692306ae2caa7bea06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
nginx/1.2.1
Date
Thu, 27 Jan 2022 15:32:20 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
155
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center2.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 27 Jan 2022 15:32:24 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
m.mixadvert.com/show/load/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7884&id_name=qatkt&teaser_name=RbdNnHd&block_name=nBDEap&ban_teaser=&r=0.4766145208389949&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7884&r=0.04942750067753199
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
1b20840aa882bbc7bd8595ec7e03077559ab71ca1a84214305a895f86903bf6f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
d0b61efd0b83a1d9.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/0da476292e5a4065b60e948e086aa90f/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/0da476292e5a4065b60e948e086aa90f/d0b61efd0b83a1d9.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
ed7d00600fd5b5ba790a95b1a3be78c4048f75ff0dc832a9fc994f4f071d4971

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Tue, 25 Jan 2022 10:28:08 GMT
server
nginx/1.14.2
etag
"61efd0b8-6155"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
24917
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:31:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:24 GMT
css2
fonts.googleapis.com/ Frame 1ED3 		2 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@700&display=swap
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c50284cc9473b4b7e1e495b4a7aaf141f9a4406135b25cee8d1b48baa6aa0fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:36:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:24 GMT
thumb_1.jpg
video.ridus.ru/video/3890/ Frame 1ED3 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.ridus.ru/video/3890/thumb_1.jpg
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.254.189.130 , Russian Federation, ASN59504 (Hosting vpsville.ru, RU),
Reverse DNS
vps125001.vpsville.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3fda86b14509e7ecd5db435f451ee122573f609bc0f51750a524023218735d75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Last-Modified
Tue, 28 Jul 2020 09:23:32 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f1fee94-319d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12701
jquery-2.2.4.min.js
video.ridus.ru/js/ Frame 1ED3 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.ridus.ru/js/jquery-2.2.4.min.js
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.254.189.130 , Russian Federation, ASN59504 (Hosting vpsville.ru, RU),
Reverse DNS
vps125001.vpsville.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 09:18:39 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5d9b02ef-14e4a"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 27 Jan 2022 15:32:23 GMT
videojs-ie8.min.js
video.ridus.ru/js/ Frame 1ED3 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.ridus.ru/js/videojs-ie8.min.js
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.254.189.130 , Russian Federation, ASN59504 (Hosting vpsville.ru, RU),
Reverse DNS
vps125001.vpsville.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 09:18:43 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5d9b02f3-6a8f"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 27 Jan 2022 15:32:23 GMT
videojs.min.js
video.ridus.ru/js/ Frame 1ED3 		513 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.ridus.ru/js/videojs.min.js
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.254.189.130 , Russian Federation, ASN59504 (Hosting vpsville.ru, RU),
Reverse DNS
vps125001.vpsville.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6594c3c30e59be8ada5b6ae48bbea7248178680f9abd3a7abe8483aef110fbce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 09:18:47 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5d9b02f7-804a0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 27 Jan 2022 15:32:23 GMT
ru.js
video.ridus.ru/js/ Frame 1ED3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.ridus.ru/js/ru.js
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.254.189.130 , Russian Federation, ASN59504 (Hosting vpsville.ru, RU),
Reverse DNS
vps125001.vpsville.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cbced7e6cbff109258ba21fed32b25a7ca813b76fb5b55b7a9d1b00490badc40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 09:18:45 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5d9b02f5-152a"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 27 Jan 2022 15:32:23 GMT
videojs-share.min.js
video.ridus.ru/js/ Frame 1ED3 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.ridus.ru/js/videojs-share.min.js
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.254.189.130 , Russian Federation, ASN59504 (Hosting vpsville.ru, RU),
Reverse DNS
vps125001.vpsville.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
47c72d70caa64da73cdff1a7cc9fbe4ed66901a3de42aeeaf121afcd6dc44264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2019 14:55:44 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5dcc1970-8102"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 27 Jan 2022 15:32:23 GMT
share-ru.js
video.ridus.ru/js/ Frame 1ED3 		254 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://video.ridus.ru/js/share-ru.js
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.254.189.130 , Russian Federation, ASN59504 (Hosting vpsville.ru, RU),
Reverse DNS
vps125001.vpsville.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5334e3cb148c9b10af31f3c5944aab8ac62b699f708ae48ca787d6544c38a592

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 09:18:41 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5d9b02f1-fe"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 27 Jan 2022 15:32:23 GMT
videojs-quality-selector.min.js
video.ridus.ru/js/ Frame 1ED3 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.ridus.ru/js/videojs-quality-selector.min.js
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.254.189.130 , Russian Federation, ASN59504 (Hosting vpsville.ru, RU),
Reverse DNS
vps125001.vpsville.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
65516c677f31b3dc7a46b25580752d407e4cf3b9c9f7edaa21b78c3dc5740266

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Jun 2020 19:03:22 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5ee9177a-5acc"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 27 Jan 2022 15:32:23 GMT
videojs-brand.min.js
video.ridus.ru/js/ Frame 1ED3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.ridus.ru/js/videojs-brand.min.js
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.254.189.130 , Russian Federation, ASN59504 (Hosting vpsville.ru, RU),
Reverse DNS
vps125001.vpsville.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
68ccbdb842f6a18570bf56e2e17845300d3a016a26a5b428bd47d6e464593259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2019 14:55:44 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5dcc1970-7de"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 27 Jan 2022 15:32:23 GMT
ads.js
video.ridus.ru/js/ Frame 1ED3 		28 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://video.ridus.ru/js/ads.js
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.254.189.130 , Russian Federation, ASN59504 (Hosting vpsville.ru, RU),
Reverse DNS
vps125001.vpsville.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef9ca420ca4ade671af87887f2a0849f4a8044ebd9656095439df8c0b7834412

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2019 14:55:44 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5dcc1970-1c"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 27 Jan 2022 15:32:23 GMT
js
www.googletagmanager.com/gtag/ Frame 1ED3 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-45437881-1
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
70981c629676bf7182926d5ef0a9299a0b1ad5f8a72155eef9e2090f084abfd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35996
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 15:32:24 GMT
z
s.zmctrack.net/ Frame D4F9 		102 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
ad96d0568ffea05fde2ad18d2ee5ed1e090950a1c55dccb10ffd59f5978a69b0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
analytics.js
www.google-analytics.com/ Frame 2DA5 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=610&screen_width=1600&reload_count=0&banner_num=1643297543174424053&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7050
date
Thu, 27 Jan 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 27 Jan 2022 15:34:54 GMT
jsunit
a4p.adpartner.pro/ Frame 2DA5 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1643297543174424053&id=7460&is_in_viewport=0&ref=&reload_count=0&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&session_pageview=1&shown=&site_visited=1&unit_id=7460
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=610&screen_width=1600&reload_count=0&banner_num=1643297543174424053&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
ba4b853d4279e5668739fe17d2ab02e98d0d04178b7d06c8bf1372a22b4163e8

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=610&screen_width=1600&reload_count=0&banner_num=1643297543174424053&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 27 Jan 2022 15:32:24 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
vunit
a4p.adpartner.pro/ Frame 47E6 		2 KB
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/vunit?id=7459&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=7459&bannerNum=18598623110562372&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
0f48df046030dbf9a35dd57b4d1ca0a4d5d7b34656b12d1376ba4a37a15a2335

Request headers

Referer
https://a4p.adpartner.pro/vunit/ls?vunit=7459&bannerNum=18598623110562372&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
media
a4p.adpartner.pro/ Frame 3264 		1 KB
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=5555&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
848cbbda196e725000414dcca5e3794b6934306bdf7c32ebdf0c6d77a1750df0

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
jsunit
a4p.adpartner.pro/ Frame 6767 		30 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1643297543206800085&id=2489&is_in_viewport=0&ref=&reload_count=0&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&session_pageview=1&shown=&site_visited=1&unit_id=2489
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=610&screen_width=1600&reload_count=0&banner_num=1643297543206800085&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
91e066074e6f85c7b6e2a7e49657102bdcca606c6800d732877d0d5498e7722b

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=610&screen_width=1600&reload_count=0&banner_num=1643297543206800085&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 27 Jan 2022 15:32:24 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ Frame FC92 		25 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1643297543213313552&id=7760&is_in_viewport=0&ref=&reload_count=0&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&session_pageview=1&shown=&site_visited=1&unit_id=7880
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7760&unit_id=7880&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=300&screen_width=1600&reload_count=0&banner_num=1643297543213313552&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
00e059dfc2ec4c2e6e7c1aa8b8ff47c81a5d3764279bef81a18253e15ece8d04

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7760&unit_id=7880&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=300&screen_width=1600&reload_count=0&banner_num=1643297543213313552&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 27 Jan 2022 15:32:24 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ Frame 8238 		25 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1643297543233919429&id=5687&is_in_viewport=0&ref=&reload_count=0&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&session_pageview=1&shown=&site_visited=1&unit_id=6566
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=5687&unit_id=6566&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=300&screen_width=1600&reload_count=0&banner_num=1643297543233919429&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
3d16c14d137652871fba612b412d90d35db5c3cec4a3e69839a60ba0c0a3ae04

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=5687&unit_id=6566&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=300&screen_width=1600&reload_count=0&banner_num=1643297543233919429&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 27 Jan 2022 15:32:24 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ Frame E984 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1643297543234041153&id=7858&is_in_viewport=0&ref=&reload_count=0&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&session_pageview=1&shown=&site_visited=1&unit_id=7883
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7883&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=300&screen_width=1600&reload_count=0&banner_num=1643297543234041153&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
1068940d5f14980112d4266b138ea0c3ebcbbdc34f2751dc54b376cb6f224c20

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7883&shown=&session_pageview=1&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&width=300&screen_width=1600&reload_count=0&banner_num=1643297543234041153&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 27 Jan 2022 15:32:24 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
ads
googleads.g.doubleclick.net/pagead/ Frame BA7A 		71 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1861bd6d6ab18ab9d64fd725f5eb9babca7abdda259798c869035ff41fb1f85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 27 Jan 2022 15:32:24 GMT
server
cafe
content-length
21935
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
d0b61e5b44db7a31.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/fe30ba49cef34baba86e04f7af406760/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/fe30ba49cef34baba86e04f7af406760/d0b61e5b44db7a31.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f4f8aff8772cabdb04b06674f3971e095a50793d1fdc29818108d334321d6165

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Mon, 17 Jan 2022 18:24:13 GMT
server
nginx/1.14.2
etag
"61e5b44d-84b2"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
33970
d0b61ef9bfb6c220.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/4594240bb9424b42b0b2828584b0ae9f/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/4594240bb9424b42b0b2828584b0ae9f/d0b61ef9bfb6c220.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
a81b3f5f9d509e819904278d65030ffae579dae6740e59360f472c5fed2b4f23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Tue, 25 Jan 2022 06:43:07 GMT
server
nginx/1.14.2
etag
"61ef9bfb-4ea5"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20133
d0b61f29cf4462e2.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/d19d9fafa50e4be6b30ea6b90b6a2187/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/d19d9fafa50e4be6b30ea6b90b6a2187/d0b61f29cf4462e2.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
bac85db2b623ddda7b7a390480cd4e305eb78e1c8fb7db6787502244c5a4a53a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Thu, 27 Jan 2022 13:24:04 GMT
server
nginx/1.14.2
etag
"61f29cf4-4708"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
18184
d0b61c182c1455c2.jpeg
pwkvdk.com/.cdn/05a5cf/c20ad4/cdf008954307431d9e9cd6d6bdebca80/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/05a5cf/c20ad4/cdf008954307431d9e9cd6d6bdebca80/d0b61c182c1455c2.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
36e1084e186cf1242d0ff4c759e17675fd6b5cf50a3348a21f3f8a1a662f6b20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Tue, 21 Dec 2021 07:31:13 GMT
server
nginx/1.14.2
etag
"61c182c1-6188"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
24968
d0b61ef9bc6a618e.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/4a7fdff2598d4279969c89af9ece35da/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/4a7fdff2598d4279969c89af9ece35da/d0b61ef9bc6a618e.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
2e70f2271afb9e3760af0356dfe58701562dbc81d97fea33048e758930d3c308

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Tue, 25 Jan 2022 06:42:14 GMT
server
nginx/1.14.2
etag
"61ef9bc6-6afb"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
27387
d0b6194a92d3a0ff.jpeg
pwkvdk.com/.cdn/05a5cf/6512bd/ceb3ec894cca4652b4d301451afb1856/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/05a5cf/6512bd/ceb3ec894cca4652b4d301451afb1856/d0b6194a92d3a0ff.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d98786d0d1f2ea3270d27f459db6be4a334c26b364e79f8f0d106c274aac2200

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Wed, 17 Nov 2021 07:03:09 GMT
server
nginx/1.14.2
etag
"6194a92d-3c83"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
15491
d0b61eab21dca8d5.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/07ca5b1dc7994a89a455fe1eef667b86/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/07ca5b1dc7994a89a455fe1eef667b86/d0b61eab21dca8d5.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
b6faf280d0d6dc55b7b8483892fece7347a8a6ab9b5f54e9beb10c3a7376bff0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Fri, 21 Jan 2022 13:16:13 GMT
server
nginx/1.14.2
etag
"61eab21d-3ff4"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
16372
d0b61d6c037d6f1d.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/b0c43230081b40ffa16ea54cafaed573/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/b0c43230081b40ffa16ea54cafaed573/d0b61d6c037d6f1d.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
62b96179654cac81191c6cd61d934f962be1f502dc14c763cc7e60a8d70a44bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Thu, 06 Jan 2022 10:11:03 GMT
server
nginx/1.14.2
etag
"61d6c037-4fa9"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20393
d0b6115360bf1f86.jpeg
pwkvdk.com/.cdn/05a5cf/fad6f4/dc7ecd7351ae49748f1e78fa144f3195/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/05a5cf/fad6f4/dc7ecd7351ae49748f1e78fa144f3195/d0b6115360bf1f86.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
6eb1d97374d7d109c419a5b5d30eb49e6e57095ceea9e60945301a0d359b32cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Thu, 12 Aug 2021 14:54:03 GMT
server
nginx/1.14.2
etag
"6115360b-4030"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
16432
d0b61de89a38285a.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/0cfb313b8a4b46d5ace8932829be1964/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/0cfb313b8a4b46d5ace8932829be1964/d0b61de89a38285a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b209dbe2f8ee872780c7e434e26a966f896b16dbe63f0898f393d0373d974e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Wed, 12 Jan 2022 07:56:19 GMT
server
nginx/1.14.2
etag
"61de89a3-46e7"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
18151
telegramimfont.ttf
telegram.im/widget-button/ico/fonts/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/ico/fonts/telegramimfont.ttf?7b24fo
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/ico/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e

Request headers

Referer
https://telegram.im/widget-button/ico/style.css
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Last-Modified
Sun, 26 Feb 2017 09:02:02 GMT
Server
nginx
ETag
"58b2998a-59c"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1436
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 20:07:55 GMT
x-content-type-options
nosniff
age
156269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 20:07:55 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 20:14:30 GMT
x-content-type-options
nosniff
age
69474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 20:14:30 GMT
truncated
/ Frame 1ED3 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1ED3 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Oma2RjRdE.woff2
fonts.gstatic.com/s/robotoslab/v16/ Frame 1ED3 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v16/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Oma2RjRdE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a417a4556116caa8a777aaccbedc27fe4854de9a34f4de2912582c09630a8450
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://video.ridus.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 06:33:35 GMT
x-content-type-options
nosniff
age
550729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8120
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 18:11:07 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 21 Jan 2023 06:33:35 GMT
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v16/ Frame 1ED3 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v16/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ee2c2fb62c3ff276b5e38b325b44c26becb66331c106d05dbf27b12ee22c3d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://video.ridus.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 22:31:39 GMT
x-content-type-options
nosniff
age
147645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12792
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 18:12:05 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 22:31:39 GMT
d03611d0a37e080b.jpeg
pwkvdk.com/.cdn/05a5cf/fad6f4/4f250b41093144cdb2190c2a78e9a259/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/05a5cf/fad6f4/4f250b41093144cdb2190c2a78e9a259/d03611d0a37e080b.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90c0de9d5a7b9acb175ab086051ecd0d8898f740dacbdf05905b55b4a6b5235d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Wed, 18 Aug 2021 13:25:11 GMT
server
nginx/1.14.2
etag
"611d0a37-2be9"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
11241
d0361ef9c3a59368.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/f5a693a49c764ac49af4d6b13cde5b65/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/f5a693a49c764ac49af4d6b13cde5b65/d0361ef9c3a59368.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
9bd5945215c69f91f909c6fd42a0c42c569ff1a3a145289c8a69ebc5cb56ee4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Tue, 25 Jan 2022 06:44:10 GMT
server
nginx/1.14.2
etag
"61ef9c3a-3fef"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
16367
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F38E 		77 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
816327d42bedda9636ced140a4bdda724110239a2a17366ee1caa81e97e2299a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 27 Jan 2022 15:32:24 GMT
server
cafe
content-length
22529
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
video.mp4
video.ridus.ru/video/3890/ Frame 1ED3 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://video.ridus.ru/video/3890/video.mp4
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.254.189.130 , Russian Federation, ASN59504 (Hosting vpsville.ru, RU),
Reverse DNS
vps125001.vpsville.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
167594c9892450f36327228c44fdf8f39a3ebbdcddef2497f30d5c488e296e31

Request headers

Referer
https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Last-Modified
Tue, 28 Jul 2020 09:23:31 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f1fee93-1080d7"
Content-Type
video/mp4
Content-Range
bytes 0-1081558/1081559
Connection
keep-alive
Content-Length
1081559
d0361e14661e50fd.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/7933cf1c255645499033cb5170b32016/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/7933cf1c255645499033cb5170b32016/d0361e14661e50fd.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8bc887dc0ec7d844123d80c36b54293a9ea37b81d8b41b859e21c1007d5941f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Fri, 14 Jan 2022 09:46:09 GMT
server
nginx/1.14.2
etag
"61e14661-2c28"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
11304
d03611535d2eab21.jpeg
pwkvdk.com/.cdn/05a5cf/fad6f4/ad636d96e673415e90d489e332995bf1/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/05a5cf/fad6f4/ad636d96e673415e90d489e332995bf1/d03611535d2eab21.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1853ddc793848acbfa43a5afe955229d5b8bbeecfd3ea24d15e97625260c62f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Thu, 12 Aug 2021 14:53:06 GMT
server
nginx/1.14.2
etag
"611535d2-3da8"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
15784
d0b61e935843c425.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/e07da3027e174e5a956a1fa2e7709d9e/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/e07da3027e174e5a956a1fa2e7709d9e/d0b61e935843c425.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
c782b872b7b1cf17e389f882ec50ceef0f66d90b499addface7106540ab4fba9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Thu, 20 Jan 2022 10:12:20 GMT
server
nginx/1.14.2
etag
"61e93584-5022"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20514
d0b61e1465be82a0.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/d382f4a4809c4e94bd239e7bd5db356c/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/d382f4a4809c4e94bd239e7bd5db356c/d0b61e1465be82a0.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
bae120caab6b4089f05f324a01e178189b1c639e0185de48c63628659b8c8593

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Fri, 14 Jan 2022 09:46:03 GMT
server
nginx/1.14.2
etag
"61e1465b-6b14"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
27412
d0b61de895c5dbc9.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/a5ae3e6965ab434fbc3c180fc0a5ca80/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/a5ae3e6965ab434fbc3c180fc0a5ca80/d0b61de895c5dbc9.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
6900957a35224cafc6db293f6f277a7cbf121bc8170c39cf93b827115d6baee2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Wed, 12 Jan 2022 07:55:08 GMT
server
nginx/1.14.2
etag
"61de895c-4921"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
18721
d0b61e14b4ba707f.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/6524ab109bdb488dbaa21d1d4746ce7e/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/6524ab109bdb488dbaa21d1d4746ce7e/d0b61e14b4ba707f.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
27bfdb11f5445cc7e41f289f094a9218725aa2f94e9ab1abee28062262909e0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Fri, 14 Jan 2022 10:07:07 GMT
server
nginx/1.14.2
etag
"61e14b4b-6b17"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
27415
d0b61f128182838a.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/f2f550313069488f94d75634e9b73edd/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/f2f550313069488f94d75634e9b73edd/d0b61f128182838a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
cb451c36af74dd91259362b73cb59da7b3a60ce035743be1e4220ea57a83dfbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Wed, 26 Jan 2022 10:53:12 GMT
server
nginx/1.14.2
etag
"61f12818-5bf0"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
23536
d0b61ef9c6fd517f.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/ca3e4a1f8e264aa58b4f96cf44d1b52e/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/ca3e4a1f8e264aa58b4f96cf44d1b52e/d0b61ef9c6fd517f.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
a3f4ad6375ac8bdb6c4f24d9b6b18501dcf920c63842f636679fc3af44a3e47b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Tue, 25 Jan 2022 06:45:03 GMT
server
nginx/1.14.2
etag
"61ef9c6f-41ee"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
16878
d0b61efd0b40d2cb.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/2880ef10725a416ab620f64edfbcd301/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/2880ef10725a416ab620f64edfbcd301/d0b61efd0b40d2cb.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5231dabce25f64958411a59df83a182c4783c050022145fc0537daca5a1ddb94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Tue, 25 Jan 2022 10:28:04 GMT
server
nginx/1.14.2
etag
"61efd0b4-5de4"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
24036
d0b611d0a3a2edd5.jpeg
pwkvdk.com/.cdn/05a5cf/fad6f4/ef34f7f1d29449029f4cded922edb743/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/05a5cf/fad6f4/ef34f7f1d29449029f4cded922edb743/d0b611d0a3a2edd5.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d5dc3810d345b69ede6455734f4efcd13ed56b902668192e7d2004c171591a8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Wed, 18 Aug 2021 13:25:14 GMT
server
nginx/1.14.2
etag
"611d0a3a-43c1"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
17345
d0b61e6e900aaecb.jpeg
pwkvdk.com/.cdn/3a8241/96a3be/248682a6aaf64465a2db3b5e08f877ed/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/3a8241/96a3be/248682a6aaf64465a2db3b5e08f877ed/d0b61e6e900aaecb.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f3e078f8c284e90bb462895b26ce4db64cdcfa4d077459060c350d8ac54e30fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Tue, 18 Jan 2022 16:21:20 GMT
server
nginx/1.14.2
etag
"61e6e900-6f17"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
28439
d0b61b04843cce0a.jpeg
pwkvdk.com/.cdn/05a5cf/c20ad4/ebb7a79bf9184139982487d0f1d58169/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwkvdk.com/.cdn/05a5cf/c20ad4/ebb7a79bf9184139982487d0f1d58169/d0b61b04843cce0a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
20a86f89dc45664f4484a6c6aed9797af8150f2910dc6cdf3a52d8c5c14c5c0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Wed, 08 Dec 2021 05:53:07 GMT
server
nginx/1.14.2
etag
"61b04843-4df1"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
19953
truncated
/ Frame 1ED3 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1ED3 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
ads
googleads.g.doubleclick.net/pagead/ Frame DB66 		24 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
957183a7d41a580eba60c56b4cffe68a8e4ae33f6c603f03616058926ca8b6c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 27 Jan 2022 15:32:24 GMT
server
cafe
content-length
11153
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/ 		150 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/reactive_library_fy2019.js?bust=31064219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4eabd4d494e2ba5a8f90e710fb3f5a116bb99a740b84f789cfe78628ab1df8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54793
x-xss-protection
0
server
cafe
etag
5327321047230960544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:32:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-5994697028380609&eid=31064219%2C31063221%2C21065725
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/44453875/
Redirect Chain
  • https://mc.yandex.com/watch/44453875?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9dr...
  • https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9...
350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A269838970862%3Ahid%3A828350136%3Az%3A0%3Ai%3A20220127153223%3Aet%3A1643297544%3Ac%3A1%3Arn%3A165856741%3Arqn%3A1%3Au%3A1643297544208227818%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643297541492%3Ads%3A0%2C189%2C657%2C2%2C0%2C0%2C%2C676%2C5%2C%2C%2C%2C1654%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643297545%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
247402d58f01edb4d92d16ff313db1b88c0d91d83d071980210501126fcc7655
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 27-Jan-2022 15:32:24 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Thu, 27-Jan-2022 15:32:24 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Thu, 27-Jan-2022 15:32:24 GMT
location
/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A269838970862%3Ahid%3A828350136%3Az%3A0%3Ai%3A20220127153223%3Aet%3A1643297544%3Ac%3A1%3Arn%3A165856741%3Arqn%3A1%3Au%3A1643297544208227818%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643297541492%3Ads%3A0%2C189%2C657%2C2%2C0%2C0%2C%2C676%2C5%2C%2C%2C%2C1654%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643297545%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://newsyou.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 27-Jan-2022 15:32:24 GMT
css2
fonts.googleapis.com/ 		6 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:16:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:24 GMT
css2
fonts.googleapis.com/ 		5 KB
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50eec93d5274ac06d5610614e839e9ba4cded7c6d72edb2a3056b08f14c79f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:22:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:24 GMT
v
fcgi5.gnezdo.ru/ 		1 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/v
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=windows-1251
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame F68A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1202473_8bae6ff723.jpg
zn3.2xclick.ru/img/300x300/473/ Frame F68A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/473/1202473_8bae6ff723.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
4cedf8e0d2f45de14d051cc8db7c4ebd78d17ea40616fa2aaa54c3355f7d6a92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:25 GMT
Last-Modified
Fri, 24 Sep 2021 09:47:09 GMT
Server
nginx
ETag
"614d9e9d-3fc8"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
16328
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1153108_a465e98b7b.jpg
zn3.2xclick.ru/img/300x300/108/ Frame F68A 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/108/1153108_a465e98b7b.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
c47059aea1c35a75cce187a3921d7f7da3a2947879b6b6b4fce5fb1abab844b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Wed, 30 Jun 2021 12:48:05 GMT
Server
nginx
ETag
"60dc6805-4f9d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
20381
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1244884_2ec4d5991f.jpg
zn3.2xclick.ru/img/300x300/884/ Frame F68A 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/884/1244884_2ec4d5991f.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
25d9c4886777d3632a5e3bc099f4b41e3b4e46d73010aa2fccb4d3eff8c21489

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Tue, 21 Dec 2021 05:57:00 GMT
Server
nginx
ETag
"61c16cac-49ba"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
18874
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&tizer_id=212162&r=0.3405236469996351
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
server
nginx
content-type
image/gif; charset=windows-1251
ads
googleads.g.doubleclick.net/pagead/ Frame 5170 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1826ccd21554f5d32b7bd32f328d7424d9ba1309ff33385531609b63de0a5512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 27 Jan 2022 15:32:24 GMT
server
cafe
content-length
11409
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ 		3 KB
559 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
444b1f2dbc00773bef5179ceba51ccb8cc355d80c3fbc36e925be3c38a9065ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:20:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:24 GMT
38170-441677-fiHrect.jpg
i.mixadvert.com/8174/38170/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-441677-fiHrect.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
834f26b2cb7b9a1448b7cf89dde9d46398b6b4bffa398589bf983e53292d51bc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Last-Modified
Tue, 25 Jan 2022 10:43:13 GMT
Server
nginx/1.12.1
ETag
"61efd441-6e1a"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28186
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-440546-D9brect.jpg
i.mixadvert.com/8174/38170/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-440546-D9brect.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
05c70f3690d6aed1c44e1e2bb08913175da3e97f5775e6b40a5ec3fe8599fe38
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Last-Modified
Tue, 28 Dec 2021 11:58:21 GMT
Server
nginx/1.12.1
ETag
"61cafbdd-c810"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51216
Expires
Thu, 31 Dec 2037 23:55:55 GMT
block_head.png
mixadvert.com/images/logo/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/images/logo/block_head.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.site.badvps.com
Software
nginx/1.12.1 /
Resource Hash
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Last-Modified
Fri, 17 Jul 2020 13:11:36 GMT
Server
nginx/1.12.1
ETag
"5f11a388-53bf"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21439
close.gif
newsyou.info/img/ 		83 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/img/close.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/mainstyle10.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
4753f90bdfdad30a348172526d878688da5f17f2798d68349c1e361114ce8378

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/mainstyle10.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:20 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:32 GMT
Server
nginx/1.2.1
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83
Expires
Thu, 03 Feb 2022 15:32:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-5994697028380609&warn=12%2C13&w=1600&h=1200&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20220123_093458&sat=1643191457323&afm=0&as_count=11&d_count=0&ng_count=0&am_count=0&atf_count=4&mdns=0.629&alldns=0.629&allp=95&pgh=5677&su=newsyou.info&pvc=3811902208470004&r=0.1&eid=31064219%2C31063221%2C21065725
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84d565061e82749bb38cc4a7c70297d3bf134a3074aff197428cb143ba75cacd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v19/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v19/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:32:35 GMT
x-content-type-options
nosniff
age
71989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34852
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:27 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 19:32:35 GMT
/
m.mixadvert.com/show/load/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7880&id_name=hzrnQ&teaser_name=rAkbpZj&block_name=iZthbT&ban_teaser=441677,440546&r=0.21235236708992722&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7880&r=0.31585156593416985
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
4256e6593e09392bdbcb4a073731ddc0daae7c340d69c76fd5b230b22f4951f4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=13977&f=2&ref=https%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&gw=610&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
101bd20d6740539876841132caa69f3637622abf9b2f4f40d22bd66911499fd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:24 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
logo_left.gif
file.adpartner.pro/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/logo_left.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
last-modified
Thu, 24 Jan 2019 09:25:42 GMT
server
nginx
etag
"5c498496-a79"
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
2681
1px-matching-adpartner.gif
t.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=8506b69c-4014-45e4-a5be-f76d0f847627
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:24 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
uid=8506b69c-4014-45e4-a5be-f76d0f847627
s.uuidksinc.net/match/798/ 		74 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/798/uid=8506b69c-4014-45e4-a5be-f76d0f847627
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
8506b69c-4014-45e4-a5be-f76d0f847627
recreativ.ru/mtch/31/ 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recreativ.ru/mtch/31/8506b69c-4014-45e4-a5be-f76d0f847627
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

hn
b15
date
Thu, 27 Jan 2022 15:32:24 GMT
server
nginx
content-type
image/gif
pix
dsp-trk.eskimi.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=8506b69c-4014-45e4-a5be-f76d0f847627
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/
Redirect Chain
  • https://px.adhigh.net/p/cm/adpdigital
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
49 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/adpdigital?bounced=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Server
193.232.148.142 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp3.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
x-backend-id
f3-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f3-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/adpdigital?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=177&vid=8506b69c-4014-45e4-a5be-f76d0f847627
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
113
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=adpartner&id=8506b69c-4014-45e4-a5be-f76d0f847627
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 27 Jan 2022 15:32:25 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007F09BBF2612500737002424F1A&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F09BBF261BC083D150217A4F9
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F09BBF261BC083D150217A4F9
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:28 GMT
last-modified
Thu, 27 Jan 2022 15:32:28 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 27 Jan 2022 15:32:28 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F09BBF261BC083D150217A4F9
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007F09BBF2612400B76F02421D4D&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F09BBF261BC083D150217A4F9
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F09BBF261BC083D150217A4F9
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:28 GMT
last-modified
Thu, 27 Jan 2022 15:32:28 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 27 Jan 2022 15:32:28 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F09BBF261BC083D150217A4F9
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=e0d259f7-d705-511b-a212-861bc3e03d12
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=e0d259f7-d705-511b-a212-861bc3e03d12
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
last-modified
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=e0d259f7-d705-511b-a212-861bc3e03d12
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=e0d259f7-d705-511b-a212-861bc3e03d12
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=e0d259f7-d705-511b-a212-861bc3e03d12
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
last-modified
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=e0d259f7-d705-511b-a212-861bc3e03d12
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9f98065b-f45c-459e-7830-bf23e91a40b1
43 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9f98065b-f45c-459e-7830-bf23e91a40b1
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
last-modified
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9f98065b-f45c-459e-7830-bf23e91a40b1
date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=a23b8b70-09ac-4700-77fd-b2aa76fcfc6b
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=a23b8b70-09ac-4700-77fd-b2aa76fcfc6b
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
last-modified
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=a23b8b70-09ac-4700-77fd-b2aa76fcfc6b
date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
css
fonts.googleapis.com/ 		3 KB
613 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto|PT+Sans
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ecbec5ad3fff64f1ccbe2cd0af35dd44b73ca5080730bb73bd65d5a93b7dfcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 15:02:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:24 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 824B 		28 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1643297544&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1589&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=3390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=lWmNVgJi3G&p=https%3A//newsyou.info&dtd=1599
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ed65a1f398aae048cb73d56d05dc673c2a3f21c01ff8fe0f7a493a1f9c0ab8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 27 Jan 2022 15:32:25 GMT
server
cafe
content-length
10432
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
m.mixadvert.com/show/ Frame 588B 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5709&r=0.007324394361965636
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
9e2504a28c0c79b6a5bcb5b1a9012dbdd69cb3ac4eff1b64162c4cbcef5d996d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
css
fonts.googleapis.com/ 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:12:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:24 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v21/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v21/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:30:11 GMT
x-content-type-options
nosniff
age
158533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:51 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 19:30:11 GMT
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v21/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v21/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:55:09 GMT
x-content-type-options
nosniff
age
157035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20480
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 19:55:09 GMT
load
ads.betweendigital.com/ Frame 62EA 		68 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/load?randsalt=87202&context=AAAAAEAjSFthdgACaQAvAsUUTWjbVtj66pkQggdhGyGXiR1Cu1Xye9LTk1-LcZ3GnZM09cBuwnIx-nmqVcuSkaU6zSmMXcagFEoPOw123HFsl7JTGeyyscN-GNtxO-bQQ0477cm2SEtb2p76PfF97_vjfb-Clm27rudxS9EshhVi6UyxiGcomCFLd2ynShgCfPf4_pdL3_7z28NfeyV_OCoU4FOpnySj8YVKJeST8e0oVf3Qiyr7zd3Gx9c7rdbmlrLd7iqdbuOqcq29295S9neb-xuCdprdTWV3c6PZhgKsYKarmqliouoU_pV2okM_CKyKoSL57J4futFkLF_ryhip6KIsBJRclA8oOSc3RqOA73F7208qhm4Kd_nsdqu7c_W8HPgDLn_InUF0Tr7cj6MhrzBTRSqhTFNNLHcsz4r9uRcsEoI0IydLVEMEm1AmiBERHPxZhJMzItJVAIFFxI_nK_jlmN_qjftWzDPthc3GOtbOT7GC5zTndShkkGF4a55cDyNYpEjXKBQ3mvDeldgKB14aJ7I1lHcsP4RiqwnLWNWoIQ6GosuhPHcGwLDYTvo8zkkJExNW17t7ik5MkyjMYCL0df_w0Al8ZyBPuA3lW-ogFTWaxlLSCIFVgRR77MS9KqIMZMH2uOnqBtWZSymClblBD-tmFUqXP9qB8s009VURTOl6ZwOyrMRZCqN4aAXi9tVfAP99d3JmrgCQQJpmPuWn39KsN1BkpuCAzNSZRZLPFk-VMHK5po6jIE38KBwHlj3wE9WJhpV6UhvFk7VB7YlQH0ov6Tya1MI0DtZGsVdDKl5Lana41rfG_ZrDTcMzKfIsm1Ij2wFMKGVVhChxXNGDwvPAf_DjjeP3j-o5bUQLf-gfJC_kc_93Vr558Pu9dy_98MXbwd90tf7ch14JHtVPSzsn0qlWiI7quUbKOpEJP1_ZqovLJ-tQkGAmmxlkFq9_a-8U82SkO8VsAp9KGlqOXq0yyzMVxFxDIR7nCsO2WEeiG0TMOSdVsU5UhwWNVNmzCrcQpAc4e-P7N37-KYPjulTWETrQDFT6uigdfXY4G-fCL29m3_RdKCznISxkey-o-IfMVHBa-WwDsm19rCsn9ZkRPDlg_wM=
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.166 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
css
fonts.googleapis.com/ 		3 KB
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4d0a1943c15d015900e69d6d46f9f96d2906fc4c99c0d3d4822ffc5e3f56768f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 15:29:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:24 GMT
confirm
pwkvdk.com/v1/ 		48 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pwkvdk.com/v1/confirm?block_show_uuid=9a2925b0-72c8-4f7d-ab72-b49f1d431b34&confirmed[]=dfb3fc61-4463-4c16-af4f-f36b633c7901&confirmed[]=7c7941b9-7b24-4629-887a-fc2384b6144d
Requested by
Host: pwkvdk.com
URL: https://pwkvdk.com/2c07l1291vil0mpy03qh8/687qvu678kypn9ors.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8bd379f35f7542aa283ad4208a2fdaff61b9067247619f8c0c945898d9e3be06

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:24 GMT
cache-control
no-cache, private
server
nginx/1.14.2
content-type
application/json
newsyou.info.1122348.js
jsc.mgid.com/n/e/ Frame D367 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
786fee4f218168667336172b2193b3cb92dbfb87954c308883b7d1f61f859eee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
br
cf-cache-status
HIT
age
6979
last-modified
Thu, 25 Nov 2021 11:26:29 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
T72570RD0NPJGY08
x-amz-id-2
a28riq9jUGJJUVnKtT/pPOakUJ/WNw4ov5gAPz8DHVaSeh451uIM0yF56/HmeLWFnFnvFX0c6mE=
cf-bgj
minify
server
cloudflare
etag
W/"4a5ade7ca18e6cd9b124c7e488981183"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d430897cd9868e5-FRA
expires
Thu, 27 Jan 2022 18:32:24 GMT
/
m.mixadvert.com/show/ Frame 2705 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7879&r=0.426062461653945
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
fe6e721f3d866504c2f261161033d84e5c6b4fe62cf85228ba8f9cbccb694a0b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
if
a4p.adpartner.pro/tracker/ Frame AF47 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25228506b69c-4014-45e4-a5be-f76d0f847627%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5555%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fnewsyou.info%252FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO%2522%257D
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:24 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame E1B9 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%228506b69c-4014-45e4-a5be-f76d0f847627%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2038647%2C%22cost%22%3A0.000299707%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225a451347-afbf-4e8c-b0a9-7cb5adb2825d%22%7D%2C%7B%22ad_id%22%3A2326865%2C%22cost%22%3A0.000252519%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%222606b897-f174-4669-9b26-8b11216adc44%22%7D%2C%7B%22ad_id%22%3A2078112%2C%22cost%22%3A0.000176578%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%221057ef74-341a-42aa-9afb-fb20b224a6f4%22%7D%5D%2C%22unit_id%22%3A7460%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:24 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/ Frame D4F9 		150 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/reactive_library_fy2019.js?bust=31064219
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4eabd4d494e2ba5a8f90e710fb3f5a116bb99a740b84f789cfe78628ab1df8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54793
x-xss-protection
0
server
cafe
etag
5327321047230960544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:32:24 GMT
if
a4p.adpartner.pro/tracker/ Frame D3A9 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%228506b69c-4014-45e4-a5be-f76d0f847627%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1965011%2C%22cost%22%3A0.000187298%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%226d53edcd-01ea-473f-ac57-d360764dc40a%22%7D%5D%2C%22unit_id%22%3A6566%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:24 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
hit
counter.yadro.ru/ Frame 1ED3
Redirect Chain
  • https://counter.yadro.ru/hit?rhttps%3A//newsyou.info/;s1600*1200*24;uhttps%3A//video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63;h%u041C%u043E%u0436%u043D%u043E%20%u0441%u043C%u043E%u0442%...
  • https://counter.yadro.ru/hit?q;rhttps%3A//newsyou.info/;s1600*1200*24;uhttps%3A//video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63;h%u041C%u043E%u0436%u043D%u043E%20%u0441%u043C%u043E%u044...
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;rhttps%3A//newsyou.info/;s1600*1200*24;uhttps%3A//video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63;h%u041C%u043E%u0436%u043D%u043E%20%u0441%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u0431%u0435%u0441%u043A%u043E%u043D%u0435%u0447%u043D%u043E%3A%20%u043D%u0430%20%u0432%u0438%u0434%u0435%u043E%20%u043F%u043E%u043F%u0430%u043B%20%u0441%u0430%u043C%u044B%u0439%20%u043E%u0447%u0430%u0440%u043E%u0432%u0430%u0442%u0435%u043B%u044C%u043D%u044B%u0439%20%u0432%20%u043C%u0438%u0440%u0435%20%u0437%u0435%u0432%u043E%u043A;0.2178213180446944
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:38 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 26 Jan 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:38 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;rhttps%3A//newsyou.info/;s1600*1200*24;uhttps%3A//video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63;h%u041C%u043E%u0436%u043D%u043E%20%u0441%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u0431%u0435%u0441%u043A%u043E%u043D%u0435%u0447%u043D%u043E%3A%20%u043D%u0430%20%u0432%u0438%u0434%u0435%u043E%20%u043F%u043E%u043F%u0430%u043B%20%u0441%u0430%u043C%u044B%u0439%20%u043E%u0447%u0430%u0440%u043E%u0432%u0430%u0442%u0435%u043B%u044C%u043D%u044B%u0439%20%u0432%20%u043C%u0438%u0440%u0435%20%u0437%u0435%u0432%u043E%u043A;0.2178213180446944
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 26 Jan 2021 21:00:00 GMT
truncated
/ Frame 1ED3 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://video.ridus.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
css
fonts.googleapis.com/ Frame BA7A 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:41:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:24 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame BA7A 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc634d28fb9058d4c6dc7326010e7c146b303addaed3e35380c44b4cf552f0d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:29:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12839
x-xss-protection
0
server
cafe
etag
15594603483746629101
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:29:06 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/ Frame BA7A 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7548dbf6ff83ed583dfb6d62a87364a673eb18403686b425248fdb4ffc00e753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:29:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7601
x-xss-protection
0
server
cafe
etag
4205405063411256933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:29:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame BA7A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:28:53 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 32CA 		31 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3378422422&pi=t.ma~as.6825749971&w=300&lmt=1643297545&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543218&bpp=1&bdt=748&idt=1774&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=WS9I9YxzGn&p=https%3A//newsyou.info&dtd=1794
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
339b535d5a2bdfeb3147d24d1eabba12ccf36fba176d4f5f98ea014b9d06eedd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 27 Jan 2022 15:32:25 GMT
server
cafe
content-length
11747
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
if
a4p.adpartner.pro/tracker/ Frame 32FD 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%228506b69c-4014-45e4-a5be-f76d0f847627%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1692948%2C%22cost%22%3A0.000281633%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2238cb9f4a-b40c-41b9-948b-b7da72e1a54d%22%7D%5D%2C%22unit_id%22%3A7880%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:25 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 0AA0 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%228506b69c-4014-45e4-a5be-f76d0f847627%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.001795671827877%2C%22dsp_id%22%3A47%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2235d0f09d-769d-44fd-a2b2-1269929cb508%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:25 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame C322 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%228506b69c-4014-45e4-a5be-f76d0f847627%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2325246%2C%22cost%22%3A0.000138658%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2275834380-9c77-4cb3-afde-8513726b6a56%22%7D%2C%7B%22ad_id%22%3A1520600%2C%22cost%22%3A0.0000903413%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%221f3ade06-0204-427f-a103-ce2e71b43c3a%22%7D%5D%2C%22unit_id%22%3A7883%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:25 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
informer
data.24smi.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1643297545&ptz=0&pl=en-US&object=13245&template_id=1280&num=3&ref=&output=json&chash=bWU8CEQzVw&extids=&callback=__smiCb1643297543634
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Nootdorp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
1b1ff06c8dd66d6496e62c7da45d3b3a5621d3a81138d653bdced79d789afb85
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
css
fonts.googleapis.com/ Frame F38E 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:24:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:25 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame F38E 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc634d28fb9058d4c6dc7326010e7c146b303addaed3e35380c44b4cf552f0d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:29:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12839
x-xss-protection
0
server
cafe
etag
15594603483746629101
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:29:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F38E 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 15:32:25 GMT
bx6ANxqUneKx06UkIXISn3V4Cg.woff2
fonts.gstatic.com/s/tenorsans/v15/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tenorsans/v15/bx6ANxqUneKx06UkIXISn3V4Cg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0519cf59735526c06d770daf25ccbcfd671b85ccf66a0899a38164547402d7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 04:02:51 GMT
x-content-type-options
nosniff
age
214174
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18588
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:47:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 04:02:51 GMT
bx6ANxqUneKx06UkIXISn3F4Cl2I.woff2
fonts.gstatic.com/s/tenorsans/v15/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tenorsans/v15/bx6ANxqUneKx06UkIXISn3F4Cl2I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92ff6c3b9be470c8f1495c9a1f71bbe8d1d056f2ff9d86a469c2c10ff2c4aa04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 12:47:06 GMT
x-content-type-options
nosniff
age
182719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11644
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:48:15 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 12:47:06 GMT
wXKrE3kQtZQ4pF3D51jcAA.woff2
fonts.gstatic.com/s/arsenal/v10/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arsenal/v10/wXKrE3kQtZQ4pF3D51jcAA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8b09ee8c9dc1d1dd7bd384aebce89abe8d407667cf2e62d8e94a634de017c71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 22:19:05 GMT
x-content-type-options
nosniff
age
234800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17576
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:46:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 24 Jan 2023 22:19:05 GMT
wXKrE3kQtZQ4pF3D51zcANwr.woff2
fonts.gstatic.com/s/arsenal/v10/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arsenal/v10/wXKrE3kQtZQ4pF3D51zcANwr.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06b8a9f750cc161fdfde70296d4c64606c213496ae3e5d0ae9daad37220c0e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:23:28 GMT
x-content-type-options
nosniff
age
162537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10792
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:46:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 18:23:28 GMT
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame F8AF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:25 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
v
fcgi5.gnezdo.ru/ 		1 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/v
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=windows-1251
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
1260009_340f1f3393.jpg
zn3.2xclick.ru/img/400x400/009/ Frame F8AF 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/009/1260009_340f1f3393.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
f17e1bb980e7d0fe619b9a0c533e583490cee54edefdedd55d2c7a826f67ccfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Wed, 26 Jan 2022 18:52:40 GMT
Server
nginx
ETag
"61f19878-52d7"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
21207
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1202473_8bae6ff723.jpg
zn3.2xclick.ru/img/400x400/473/ Frame F8AF 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/473/1202473_8bae6ff723.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
622203097d25a8c7afa5b81fb33f3f015f98e38f865e1ec9eadd208261cf38b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Fri, 24 Sep 2021 09:47:09 GMT
Server
nginx
ETag
"614d9e9d-612c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
24876
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1153108_a465e98b7b.jpg
zn3.2xclick.ru/img/400x400/108/ Frame F8AF 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/108/1153108_a465e98b7b.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
c4e0888c40cfca458708441e611877ea3facd789ffc92acf54a49cc45982d833

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Wed, 30 Jun 2021 12:48:05 GMT
Server
nginx
ETag
"60dc6805-87f8"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
34808
Expires
Thu, 31 Dec 2037 23:55:55 GMT
0.gif
x01.aidata.io/
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HyuwhA8ysymCEEAg==
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HyuwhA8ysymCEEAg==&bounce=1
0
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HyuwhA8ysymCEEAg==&bounce=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Server
89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51803.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
last-modified
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Thu, 27 Jan 2022 15:32:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
last-modified
Thu, 27 Jan 2022 15:32:24 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HyuwhA8ysymCEEAg==&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Thu, 27 Jan 2022 15:32:24 GMT
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2HyuwhA8ysymCEEAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
110
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=gnezdo&id=uZQlT2HyuwhA8ysymCEEAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 27 Jan 2022 15:32:25 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
1z6ABIIBJV7zAEHTlhRT
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/
Redirect Chain
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2HyuwhA8ysymCEEAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/1z6ABIIBJV7zAEHTlhRT
43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/1z6ABIIBJV7zAEHTlhRT
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/1z6ABIIBJV7zAEHTlhRT
date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx/1.19.0
content-length
0
1z6ABIIBJV7zAEHTlhRT
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/
Redirect Chain
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2HyuwhA8ysymCEEAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/1z6ABIIBJV7zAEHTlhRT
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/1z6ABIIBJV7zAEHTlhRT
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/1z6ABIIBJV7zAEHTlhRT
date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx/1.19.0
content-length
0
AEqSh_g8Ap-E6CconqswqzA
fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HyuwhA8ysymCEEAg==
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HyuwhA8ysymCEEAg==&tuid=-5928723748
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AEqSh_g8Ap-E6CconqswqzA
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AEqSh_g8Ap-E6CconqswqzA
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:26 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AEqSh_g8Ap-E6CconqswqzA
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&tizer_id=13977&r=0.23565065473556301
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
content-type
image/gif; charset=windows-1251
7850fa92-c262-4632-abc2-98626d7dbf7c
https://video.ridus.ru/ Frame 1ED3 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://video.ridus.ru/7850fa92-c262-4632-abc2-98626d7dbf7c
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=10139&f=2&ref=https%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&gw=300&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
3a0a066604448d75c52f260a437e6b8159f833fc8034972d49f7bc1ac9cf72de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BA7A 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 15:32:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame BA7A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:30:30 GMT
l
www.google.com/ads/measurement/ Frame BA7A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUc9iVOFu7JFhIYpbSTI0zQ10VN8JbuIC4UZOPwHSSuWeuR1L2jcHuTfZJ4Xj41dBUeLkt-OCa5x9anhL096t8t5QOhQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ads
googleads.g.doubleclick.net/pagead/ Frame B410 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5043674373&adk=2859039&adf=3787344686&pi=t.ma~as.5043674373&w=336&lmt=1643297545&psa=0&format=336x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2004&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3234&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=46xgQ1pGKR&p=https%3A//newsyou.info&dtd=2009
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f12288a625f0e1672cc8825ca4a89d3d5514341b71f1f02f32dd7f15c407baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 27 Jan 2022 15:32:25 GMT
server
cafe
content-length
9648
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
eu-node2.solutionslabkit.com/ Frame 4C7A 		43 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-node2.solutionslabkit.com/?tpw=i&spr=0.1&dp=244-0172510d1c73289b614782868ac71c19&t=bn&hash=ce75f760fab665bc841466980064cd61
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.161.114 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.161.114.serverel.net
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Connection
keep-alive
Keep-Alive
timeout=5
Transfer-Encoding
chunked
Content-Type
image/gif
aa.js
q.adrta.com/s/bzk/ Frame 4C7A 		906 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/s/bzk/aa.js?cb=540a1a6698863406949aa8eb7df496f4
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.145.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-145-202.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
fed2f215f9768109087baebaa67d381be63b40019e7af6e1ed261eeede171270

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx/1.18.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
906
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
imp
lbs-eu1.ads.betweendigital.com/ Frame 4C7A 		68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lbs-eu1.ads.betweendigital.com/imp?id=bbddffea-2a91-4a39-a4f5-190a3cbc8490&bidid=147&impid=1&adid=UkNZXkgFAxsLXQpGAQVRDwpQXgQBD1c&bannerId=4094193&randsalt=891709&price=0.062373&impression=AAAAAAJEdzxhdgACaQAvAsUUTWjbVtj66pkQggdhGyGXiR1Cu1Xye9LTk1-LcZ3GnZM09cBuwnIx-nmqVcuSkaU6zSmMXcagFEoPOw123GkMdik7lcEuGzvsh7Edt2MOPeS0055si7S0pe2p3xPf974_3vcraNm263oetxTNYlghls4Ui3iGghmydMd2qoQhwHeP73-59M0_vz38tVfyh6NCAT6V-kkyGl-oVEI-Gd-OUtUPvaiy39xtfHy902ptbinb7a7S6TauKtfau-0tZX-3ub8haKfZ3VR2NzeabSjACma6qpkqJqpO4V9pJzr0g8CqGCqSz-75oRtNxvK1royRii7KQkDJRfmAknNyYzQK-B63t_2kYuimcJfPbre6O1fPy4E_4PKH3BlE5-TL_Tga8gozVaQSyjTVxHLH8qzYn3vBIiFIM3KyRDVEsAllghgRwcGfRTg5IyJdBRBYRPx4voJfjvmt3rhvxTzTXthsrGPt_BQreE5zXodCBhmGt-bJ9TCCRYp0jUJxownvXYmtcOClcSJbQ3nH8kMotpqwjFWNGuJgKLocynNnAAyL7aTP45yUMDFhdb27p-jENInCDCZCX_cPD53AdwbyhNtQvqUOUlGjaSwljRBYFUixx07cqyLKQBZsj5uublCduZQiWJkb9LBuVqF0-aMdKN9MU18VwZSudzYgy0qcpTCKh1Ygbl_9BfDfdydn5goACaRp5lN--i3NegNFZgoOyEydWST5bPFUCSOXa-o4CtLEj8JxYNkDP1GdaFipJ7VRPFkb1J4I9aH0ks6jSS1M42BtFHs1pOK1pGaHa31r3K853DQ8kyLPsik1sh3AhFJWRYgSxxU9KDwP_Ac_3jh-_6ie00a08If-QfJCPvd_Z-XbB7_fe_fSD1-8HfxNV-vPfeiV4FH9tLRzIp1qheionmukrBOZ8POVrbq4fLIOBQlmsplBZvH6t_ZOMU9GulPMJvCppKHl6NUqszxTQcw1FOJxrjBsi3UkukHEnHNSFetEdVjQSJU9q3ALQXqAsze-f-PnnzI4rktlHaEDzUClr4vS0WeHs3Eu_PJm9k3fhcJyHsJCtveCin_ITAWnlc82INvWx7pyUp8ZwZMD9j8=
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
sspmatch-js
ads.betweendigital.com/ Frame 4C7A 		882 B
980 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-js?randsalt=891709&p=44025&consent=
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.166 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
bda73abcec180b21d406cd02fdb7819c8baef2d337f1b85fd001e4fc2caa7c3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
882
content-type
text/javascript
observerHB.js
cache.betweendigital.com/ Frame 4C7A 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/observerHB.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
864e83842d37ce8850240d3e2423084ddb17b56d5b03ee22a7b08ba2eed49382

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
cache-control
public, max-age=900, immutable
last-modified
Thu, 18 Nov 2021 10:49:12 GMT
server
nginx
content-encoding
gzip
etag
W/"61962fa8-ec34"
content-type
application/javascript
score.min.js
js.ad-score.com/ Frame 4C7A 		315 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000787
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c657a546415a348f48b90dd41a0014c4bd984ab8d50577c257c771e140e8db6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 26 Jan 2022 21:19:04 GMT
Content-Encoding
gzip
Age
65602
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed, 26 Jan 2022 21:19:04 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA60-P2
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
Akw8abD-E06_ff1vypgeGfhfG_0oS7c2XsFQ95R145tgSZkhWqSRsw==
Expires
Thu, 27 Jan 2022 21:19:04 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/ Frame F38E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7548dbf6ff83ed583dfb6d62a87364a673eb18403686b425248fdb4ffc00e753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:29:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7601
x-xss-protection
0
server
cafe
etag
4205405063411256933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:29:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame F38E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:28:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame F38E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:30:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-5994697028380609&eid=31064219%2C31063221%2C21065725
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/ Frame A127 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Wed, 26 Jan 2022 16:12:29 GMT
expires
Wed, 09 Feb 2022 16:12:29 GMT
cache-control
public, max-age=1209600
age
83996
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame DB66 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:28:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame DB66 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:30:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DB66 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 15:32:25 GMT
/
leokross.com/ 		17 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://leokross.com/
Requested by
Host: leokross.com
URL: https://leokross.com/tzl/hEIi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4801e71f4a052b539122ccece472597f3dda8a0b0b0b45417da9805caa6f02eb

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
525217204:3
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics.js
www.google-analytics.com/ Frame 1ED3 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-45437881-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7051
date
Thu, 27 Jan 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 27 Jan 2022 15:34:54 GMT
logo.png
video.ridus.ru/i/ Frame 1ED3 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.ridus.ru/i/logo.png
Requested by
Host: video.ridus.ru
URL: https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.254.189.130 , Russian Federation, ASN59504 (Hosting vpsville.ru, RU),
Reverse DNS
vps125001.vpsville.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e51ef5dc062045d7af637675efe37c4d85d7b7e57d2b0d86d2d4aa8c3e9cf37a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.ridus.ru/player/101e1169-3c53-4c21-96d6-6a2bdd5d6b63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:25 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 16 May 2021 11:45:16 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Frame-Options
SAMEORIGIN
Content-Type
image/png; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
8682
X-XSS-Protection
1; mode=block
X-Application-Context
application:8886
Expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame BFB5 		28 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=3366303577&adk=4264282029&adf=1531042278&pi=t.ma~as.3366303577&w=300&lmt=1643297545&psa=0&format=300x280&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2217&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600%2C336x300%2C1005x124&nras=2&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=12&uci=a!c&fsb=1&xpc=PqLnFXzueD&p=https%3A//newsyou.info&dtd=2221
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4378c7a24b72ec7e67edb6dacfa54ad6a72f9bca63416c329260b3ebbeb4f93a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 27 Jan 2022 15:32:25 GMT
server
cafe
content-length
10459
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 5170 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:28:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 5170 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:30:30 GMT
l
www.google.com/ads/measurement/ Frame 5170 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0G6VYJMkIPeD5wORvevkP_G-bDVpteg5nPC_Z8zUjri7FSj85C6m_fLLSZpzldfVr8XDL5izHypmf_zcS--exE9EOeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5170 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 15:32:25 GMT
adframe.php
ad.bsmartad.net/ Frame BDCA 		2 KB
982 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.bsmartad.net/adframe.php?zoneid=11796&bannerid=8069&gdpr=0&gdpr_consent=&consent=1&ref=eyJ1YSI6Ijg4NjYzMDgyNTJkNjNmOWJmNzRiNzRlNjA2ODk2MTQ4IiwiYmlkIjoiYnNkXzZfMjVfMzYwNjFmMmJiMDg1ZjkyZCIsInNzcCI6ImJpenpjbGljayIsInNzcGlkIjoiMjUiLCJyZWZlcmVyIjoibmV3c3lvdS5pbmZvIiwiY291bnRyeSI6IkRFVSIsInB1YmlkIjoiNDQwMjUiLCJpcCI6IjE5My4yNy4xNC4wIiwidGltZSI6MTY0MzI5NzU0NH0%3D
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:51c0:0:13d:247::1 , Germany, ASN48314 (IP-PROJECTS, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
037014418abbb78ae99c013b8f0cba0ceafc242d91970b77775f942862d7febb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx/1.10.3
date
Thu, 27 Jan 2022 15:32:25 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
content-encoding
gzip
adview
googleads.g.doubleclick.net/pagead/ Frame DB66 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CVi_UCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTTAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGNr9fbJQrbDiRUSJ_RW2PTlReEefrn-5b2Fr-kac7Hg4lIpjYAd6ABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=Vq6qmNPO1VY&uach_m=[UACH]&cid=CAQSOwCNIrLMWGaDFy8BWqPs3sDyaKlE2CQSjxYGndpI7BMpYA5hpeHgyVSBWthdKPJGK5OCoQqwsPLY6nQ5GAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 27 Jan 2022 15:32:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame DB66 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jtxk7ww4n36aebpsg7dx3rw8zrehyee1gd03zy7nfht5xgyx2cmq0ynzttwj4f45w2710ytmz8hxw3gwke97re59ykybyc5w8eq261qne0h3fvrhrdhp49dx833rzasq61h60xhn674f8yeajm377fxtvaganc1psgmdzwb59mspzayn47jsvr1bwrj5ac0s7ze3zzw5bdv2s63hh2y2pp3afg03148sw46911mr89yzc7kf90yvec95wmaw7zsggj6j44h3zfnqvaqtzaacj80web7sz7e033je5mvxgadhewdratrvngkb6wvp56gqfz28wfk925edc0kfzzy587fdkd443zvneet5j968nmk9nh0b6r4s6s0pn570zj53vk0dyhqed6b4vq7td6cdxe1cv3t6782ag&b=YfK7CAAIQvcKGKyMAAPyutTs7UNh2fupF4IYww
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame A2E7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jkxcbdmd854w42er26z73ph0q06egarz00sefpbd2v630gbqjm2xzbdwxaj61syr0afgfvm7yr25p4zed4bx4a8ntajz9m7d8htdre8m34j5y8zw6ebe49gprdn8dhegv0032wwgbcw9fwpb77bk3pzf0jvg3hmsbd4kedpy1tfndjagq99ya4qadws6v1a8vf9pt364vqzzbqx6g8pz668f0rbcmgcvq62ftsajk5sqbxeze2ykqvhmran7g1jw272x2arajhzd7xeyq2ahybbk3622gesxw4gswkb7stn029wpctfnax8505hp4hsjm7nwh2fkkrr2a3dhhegv08hqdwk0mcyta7z7bhxpy23zrrsv7nx5bz6prw28a4mr8pg85v4ccq80fgpfyz823qgg2s86756d0dsbn79t6ry93vfx22n3v1x8ntv3nt3qj20&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a076550ac29a200be5f041eda4ef09f4c23d3aeb019311a49707482528b97064
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d43089ce8b70f86-MXP
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8FBA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
7573
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
img
pix.eu.criteo.net/img/ Frame BA7A 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&ups=1&v=3&w=800&s=DIvQDPPIDFzhxkwQ_EvnqIEM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bdb3d3edb1b60ab841da073b2b059f994f439e25d2c7ebe8e9a2831056aa0c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 09:50:00 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
279743
vary
Origin
x-cache
hit
content-type
image/webp
cache-control
public, max-age=31379811
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
176180
expires
Sun, 22 Jan 2023 14:26:52 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BA7A 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 12:42:17 GMT
x-content-type-options
nosniff
age
442208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 22 Jan 2023 12:42:17 GMT
css
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 15:15:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:25 GMT
38170-440546-D9b.jpg
i.mixadvert.com/8174/38170/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-440546-D9b.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
c6f7e013559d55c96d0175a0fe0b25bfc684cf6db0a2e2c1dc1efeca8ac5942b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Tue, 28 Dec 2021 11:58:21 GMT
Server
nginx/1.12.1
ETag
"61cafbdd-7f40"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32576
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-441677-fiH.jpg
i.mixadvert.com/8174/38170/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-441677-fiH.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
c1b9570fbda05a8c7581fca7882e8337cf26285ae607b2ba040c7805ff7b79f4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Tue, 25 Jan 2022 10:43:13 GMT
Server
nginx/1.12.1
ETag
"61efd441-4c92"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19602
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-440544-i7A.jpg
i.mixadvert.com/8174/38170/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-440544-i7A.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
7b69b7aa20f78f4f3d34340188accae54f1135fc5862fa4cc8c225f56e2fb77f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Tue, 28 Dec 2021 11:57:47 GMT
Server
nginx/1.12.1
ETag
"61cafbbb-478f"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18319
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery_1_7_2.js
m.mixadvert.com/show/application/js/ Frame 2705 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/application/js/jquery_1_7_2.js
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7879&r=0.426062461653945
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 /
Resource Hash
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
last-modified
Mon, 17 Oct 2016 18:47:41 GMT
server
nginx/1.12.0
etag
"58051ccd-17278"
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
content-length
94840
expires
Thu, 31 Dec 2037 23:55:55 GMT
newsyou.info.1122348.es6.js
jsc.mgid.com/n/e/ Frame D367 		239 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
br
cf-cache-status
HIT
age
506
last-modified
Thu, 02 Dec 2021 15:43:24 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0ZDRC3K0AFR1G57C
x-amz-id-2
CZ3T8yFPiY0jrQ12KXYYJrG2RmHgPn6coC6aylbEPSwQ41s7h3Sd7mlvEyzxlfGuy1nK/jsq/Ik=
cf-bgj
minify
server
cloudflare
etag
W/"3549c59b252a1dff4f0ed90218a6b365"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d43089b5e9668e5-FRA
expires
Thu, 27 Jan 2022 18:32:25 GMT
newsyou.info.1146775.es6.js
jsc.mgid.com/n/e/ Frame D4F9 		240 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
640326025d71b72e26143c8c6a675e93fe1f91e30546465dd0a66ec79a9423fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
br
cf-cache-status
HIT
age
531
last-modified
Thu, 02 Dec 2021 15:50:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
326E4JEHN2167RNE
x-amz-id-2
KH1XNkJOfKM8IzG2PuOCyAOzBpA6L+4QFH0EQ1e68ByC57Grv5dlEyGzi0e6kUUJM5R4e9Qz/3Q=
cf-bgj
minify
server
cloudflare
etag
W/"bc159291689d374b57f73dde254fa617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d43089b7ec268e5-FRA
expires
Thu, 27 Jan 2022 18:32:25 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 12:42:17 GMT
x-content-type-options
nosniff
age
442208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 22 Jan 2023 12:42:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:59:49 GMT
x-content-type-options
nosniff
age
160356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 18:59:49 GMT
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame B1BC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
v
fcgi5.gnezdo.ru/ 		1 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/v
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=windows-1251
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
1229659_e50778e041.jpg
zn3.2xclick.ru/img/400x400/659/ Frame B1BC 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/659/1229659_e50778e041.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
fa6c76fa83584ee30e11e6e6391b5f2991e8cd45c4cb4e66fd0fcdb1bb5a70c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Tue, 23 Nov 2021 08:48:27 GMT
Server
nginx
ETag
"619caadb-97da"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
38874
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1260303_74476062f7.jpg
zn3.2xclick.ru/img/400x400/303/ Frame B1BC 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/303/1260303_74476062f7.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
e38c3a440173e613f112ccab52570ecd4069cf7c3397f91a93f130987c85ef24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:27 GMT
Last-Modified
Thu, 27 Jan 2022 12:49:40 GMT
Server
nginx
ETag
"61f294e4-689a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
26778
Expires
Thu, 31 Dec 2037 23:55:55 GMT
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2HyuwhA8ysymCEEAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
108
x-xss-protection
1; mode=block
expires
-1
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&tizer_id=10139&r=0.2839414623734273
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
content-type
image/gif; charset=windows-1251
adview
googleads.g.doubleclick.net/pagead/ Frame 5170 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvsAlCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE2QFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6lMPs3VDg8Oh7m9jaOE3vSy-0LbUqcX__N2xcUhZsEsxQWluoxMsgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=UrRYVPrlRzY&uach_m=[UACH]&cid=CAQSOwCNIrLMnZM7OebIIYk_3lbxWwfVLh2XRlu4x4K-1ari5Kj2M55XwevBGwuDND7SJhY-VxxzaSKgtEK6GAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 27 Jan 2022 15:32:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 5170 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1k8vm37epkc4y1snvjw0av79rh63as8v24xe0w1reck16fvb9s4q0ttt0kknan436mr0ynze306c4v9mm9kqpq7z2bpehv9q6kvqm24r41c83pc0rw3w6j0k6f4e3h7vq6yhjbscxeqw7hym6rs98zmtm2fqp8gx2649ac614fh4vtj9qr3k1f9er7shjtd1y83rtej3f44dmjcdxkketzd6jdkbbq30axq3djbcfbhe6ga1a0b7fsq2r9c1fjws4scwn9t9j126w5krwbq3rmxa28b31vbtbvnapf7mmpvxvb0j431x4k9g5hct1jt3e910wv5k00c7bjvd43vzn2mk6a1d0ry6cq4eap4j3qbg6d7qh54f64zcp6fpjz2bzy5tnvb3dk73r9nvy2jez4j35pap2qcyj0&b=YfK7CAAKO6QKewqrAALtlaTq-2rgkTGZikCx-g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame AE07 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1k9ac6tfhw3caf1tjr1evjswa4g9z3m9a6e60841npp5hsdy1763v5sjkdchf4j5b5dte07vzhcrf2pray6dksbp028jqemnjf77wxbpg9rze75htpnrz7cjdqpjdwszncsfcnc32sbdw7dbwj1zg8jp5xd45emj8bdedyy7yy7az5kbtdp3zrbqt8a323xt0t5sx2w34h4a16bccdgcf2nzcznked5sra4dxag8f69dwx61rah1sthtj881kfkryzr9hj58mdzpgtdsdzext5896qc7bx9n1xg22fzq8qp13ym7wxk84myk3mnfyt9e3d84y1g4k9emmwbmgjnmcyz6z2x56nsggfwr3kgwd3031035pm8apkw50r0wsav7yj2xh5jswywx0xgzvx8rygvvwbsmnbp56dtc18xbcezf9b951tnhzhq22pb32kzth8pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd31492944e153803bfb1638bb658e97f7bdbe526e522163cd181d1445cb57a4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d43089ce8c60f86-MXP
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1AE0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
7573
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=13978&f=2&ref=https%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&gw=300&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
50c0e7d35d4fbad3aa77ec5ab625a64e3ca9b1daf9af619a3231b4c5e4d3bdaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
adview
googleads.g.doubleclick.net/pagead/ Frame BA7A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-aE-CLvyYcPaEdHPYJmklcAByZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHVttLqA8gBCakCRGMcKwXFsj6oAwHIAwKqBNkBT9BtjR5ViYltZKZebhL5DN-AMIE_iEQcrjfLtvQZflxhMTWocVECDiHW3jb97uMH5UoPdd511WmVKLYpRNCE4gKHQSsj3Jro8qoPf7oRrWjxRj19qJPDQQKLlkvoyYG7HKfLgfRP9NsmnfrPvmfZdL6xLnYl4pc_MxZdBdRwXq0NvFWTeD3rKAcuuwbZJ-rK3tii5oJmgh5QSfjqgJA6Yu7z909vLFrxpGhOChULcd-FQaONTxYJ1MxB9lX6c9cu2akf19ixO-JcC47FgcK8639mzcO2Ys_AqoAG-JvGlr_ylNzXAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=BXpuOkE6nu8&uach_m=[UACH]&cid=CAQSKQCNIrLMpXQhD1El8SnmHQTBZf2Ao3Uu5UauClRhcs--K-119iUkp6r-GAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 27 Jan 2022 15:32:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
lgn.php
cat.nl.eu.criteo.com/m/delivery/ Frame BA7A 		43 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lgn.php?cppv=3&cpp=fbqlPVCR97rQ6zWi_MU_hO6-8y4kTf2PVKV7aObNUFSt8grlE7MiJel0sAptl-gfZF23e02cfonxUb3XQFyQa3kzp_bZDHsrjIs6kk0bSki2KkP1T_b6IXxs8uJ7YMBqDSJQ5OaihEAm9yzaOyqz9WeWd4hO37XODOVdY7G79X-gPyB6TrkiHHwx0NAVQJHzYBaE4qaeLLMS8_1XnKgG4XFtKz20yU2nGqBtxRivv_Gl1fhckQRjwlTS1K35yytQn4F_HfcWOtugvIkrt3hS2awqhprQLdEcdjTyXpQfCabDxK5J5o_kr-wzjdrYXp2IvMhagyaOwboBA2R5KJ7pcgymByPgKQvL5g-gRc00hPUKGkXfz7h-DNFroEakudoX7bw9UL8ZYo4gRYopG4MpAjuSYsTe05q9skPcoFqTKzH9an6z7tg_ZbgIN9c4dAB9wKrogSTxjJufpp9laWtnZsIfy9SjRGqwlulzMsdP2LmwHEa-ID__RiC8KtWm1wVctiyKTQ&z=YfK7CAAEbUMKGCfRAAVSGbSs2_mgrrm6vQ_HBw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3150311
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame BA7A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEYrGMAAAnYNiAgIAAAB7oL4v5Jt7zBAHu_JhoWdkU2j17vO8YLUAEg&wp=YfK7CAAEbUMKGCfRAAVSGbSs2_mgrrm6vQ_HBw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
server
Kestrel
server-processing-duration-in-ticks
301186
content-length
0
strict-transport-security
max-age=31536000; preload;
adview
googleads.g.doubleclick.net/pagead/ Frame BA7A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1vgkCLvyYcPaEdHPYJmklcAByZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHVttLqA8gBCakCRGMcKwXFsj6oAwGqBNkBT9BtjR5ViYltZKZebhL5DN-AMIE_iEQcrjfLtvQZflxhMTWocVECDiHW3jb97uMH5UoPdd511WmVKLYpRNCE4gKHQSsj3Jro8qoPf7oRrWjxRj19qJPDQQKLlkvoyYG7HKfLgfRP9NsmnfrPvmfZdL6xLnYl4pc_MxZdBdRwXq0NvFWTeD3rKAcuuwbZJ-rK3tii5oJmgh5QSfjqgJA6Yu7z909vLFrxpGhOChULcd-FQaONTxYJ1MxB9lX6c9cu2akf19ixO-JcC47FgcK8639mzcO2Ys_AqoAG-JvGlr_ylNzXAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=FMqeEUXYd4M&uach_m=[UACH]&cid=CAQSKQCNIrLMpXQhD1El8SnmHQTBZf2Ao3Uu5UauClRhcs--K-119iUkp6r-GAE&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 27 Jan 2022 15:32:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
informer
data.24smi.net/ 		662 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1643297545&ptz=0&pl=en-US&object=13248&template_id=1282&num=1&ref=&output=json&chash=bWU8CEQzVw&extids=&callback=__smiCb1643297543635
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Nootdorp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
e6bae7b39571a75bfc832921f67e8baecda1ad303c43049bc3c54e50cc78f2f0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
content-length
662
/
m.mixadvert.com/show/load/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=5876&id_name=TyQRy&teaser_name=sbZszFE&block_name=YnldKT&ban_teaser=440546,441677,440544,441677,440546&r=0.20838969653890493&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5876&r=0.09707633312054242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
2fe078ef605b389e7581a3e3e8e316e4639fe60c84b47988617c94ad3dd4bf20
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0103 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Thu, 27 Jan 2022 15:03:01 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
1764
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0E2A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
7573
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
5603cdb009492e0-1632490691.jpg
img-light.com/upload/202109/23a06342341de879/ Frame 588B 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-light.com/upload/202109/23a06342341de879/5603cdb009492e0-1632490691.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c78e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ed4c0d7d61b2cb849041896ae944485604891dbe3c891dd3dbf4fbe86c6a697

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
access-control-allow-methods
GET, POST, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5296
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13465
last-modified
Fri, 24 Sep 2021 13:38:11 GMT
server
cloudflare
etag
"614dd4c3-3499"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CftJ1Ki52Db232df0Xjr190I6bGtPZHLVrT4M45ifJkD1%2FUzt%2BmdHqWXHZ8LNsw4utka%2B%2FzR8%2Fhq8wiY6ub08D81YJYJCxb5CrxZXaHVggHT2IWZBY5mV9CnxpsPwfwBzVm2eeG4e4hdLxFG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
http://img-light.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d43089c4cd2599b-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
adview
googleads.g.doubleclick.net/pagead/ Frame 4D48 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CijktCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE2QFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyKH4JRBklCZsll013W2VBBHXpcdkBw4zTkg2SZ65ZsR-yrqbTtoDgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=KxqCjq7ASgA&uach_m=[UACH]&cid=CAQSOwCNIrLMwu9i5Dh9QBfDYK9Hg1lwiqFolYaPVQip_4KtYK_imexSUE1YNA399d86AIDQ__T1X2XeKlIqGAE
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1643297544&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1589&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=3390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=lWmNVgJi3G&p=https%3A//newsyou.info&dtd=1599
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 27 Jan 2022 15:32:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 4D48 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jq5fwzkzfadtvrh4vsnyyjbdhqnj8vqexfwnprcndpky9xrfwj9y87gxp6abncb1rfbfvd8ynjs9wf581zzvd3c0r001t3vnhh6e4sv13t1v4gvpewy7mzh9a8dah1gh4nxzbymv84rztzv88t8can7rjd3mn35ss6azyzkqy0bgh0wq97z7xxkhm0aw0hmggjpf46rqtv4hnx0gjhn5c9r0qstnfzz2a5t3gd28emers897y9pxqjqgp11r876f95raz0df6z0rks4wc2mmaq2xwz158h2wr6zk1n0xh1kfpjq58nsxm50rt99wjx0f9wzm0eqp3dge56229twkp8tajbrgnxbpzs3yvzn47wvzyzx5jjxj2yg2t6q1cbhtddt3wm3awbk1f65tdax723c8zwjm&b=YfK7CAANDVgKewdkAA104Oz4mKU0gf5RqmYBKQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 891D 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jfrgvsw1xzhngfhcvfvgs5fkqsw54hxct4fkc012envfhqt6v4g8s5rer20hqs9tkpcgax9rq0gp4bbmyw0ht87934bvc2qg3h00afgdde9f4qpvznd4tvwyxq23334cwcfaa26ezdsk1t2xw42v4k0m4nj6snc62pn37x8asjwqbhz8jzyds2714rsxgccm49c0d2snefc4tv9fgqshbnaepxse8n95q9whsadtk2c92cxhzrde7hbkmn9bxwgjf8yy1kfsbyf64bdb9szjzd6zxx85z7pypad9gq7vtf7k3h4nv4j3x5bkn0kre75qq1eq1dr99v27ycct36pm200wcjzhx94z2s3491wdhw8hz51tt5b3g9yykhszp9s5js0swrb0efbxby575pyx01p7ypqr4k023z347pv6r1s2txw869dr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1643297544&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1589&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=3390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=lWmNVgJi3G&p=https%3A//newsyou.info&dtd=1599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bb7fb824921a639b60f79d5573b85ac59bf9ae8d2362db025264449f7fe5f56
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d43089ce8ca0f86-MXP
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 4D48 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1643297544&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1589&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=3390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=lWmNVgJi3G&p=https%3A//newsyou.info&dtd=1599
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:28:53 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 497A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1643297544&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1589&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=3390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=lWmNVgJi3G&p=https%3A//newsyou.info&dtd=1599
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
7573
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 4D48 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1643297544&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1589&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=3390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=lWmNVgJi3G&p=https%3A//newsyou.info&dtd=1599
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:30:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4D48 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1643297544&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1589&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=3390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=lWmNVgJi3G&p=https%3A//newsyou.info&dtd=1599
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 15:32:25 GMT
dr
as.ad4m.at/ad/ Frame DD16 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1g8jzgdkg7cabxb17wafdtxzmjqvhb5ng57xzpns5gwxbhfbt95sy8vzbnss6mntwnvtyw6dwdyrkbwkq5x4r71wht0nagm8yyx4ej9fypv641eb9ydg8gerge6vfxhteb71dqw29539py86519v3smx1kgjg1zagnbdy84a3qcf2db9dxf7m9hmq07q054yb00xmrqxrtnrdhjnd0kchpp45saj9jz9xr7tv0kepqrxn9fyp0hqcnvbfc03y64wj685dwnwct97yck0tgskvwgx0619gt3zd7bnh3j1ebyfy6jmfafwkac26d9qn3dyn317zz9xzwmmp7kdh51w2sq8qxkqhk0q81rs8nzegafbf6bjmj3v2bdmk0vh4r6fjm6yztjzvskgx3fxave8a40rg3dzhzzxrmn9667tdybxvkjm6c7afqxw1j3vc4dpxjpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3378422422&pi=t.ma~as.6825749971&w=300&lmt=1643297545&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543218&bpp=1&bdt=748&idt=1774&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=WS9I9YxzGn&p=https%3A//newsyou.info&dtd=1794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4a6f0f4630a28a6f291d78532d525ce78d3eac5cee29f19b7cdf14cb4b135aa
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d43089ce8c80f86-MXP
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 7A2C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3378422422&pi=t.ma~as.6825749971&w=300&lmt=1643297545&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543218&bpp=1&bdt=748&idt=1774&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=WS9I9YxzGn&p=https%3A//newsyou.info&dtd=1794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:28:53 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3627 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3378422422&pi=t.ma~as.6825749971&w=300&lmt=1643297545&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543218&bpp=1&bdt=748&idt=1774&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=WS9I9YxzGn&p=https%3A//newsyou.info&dtd=1794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
7573
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 7A2C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3378422422&pi=t.ma~as.6825749971&w=300&lmt=1643297545&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543218&bpp=1&bdt=748&idt=1774&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=WS9I9YxzGn&p=https%3A//newsyou.info&dtd=1794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:30:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7A2C 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3378422422&pi=t.ma~as.6825749971&w=300&lmt=1643297545&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543218&bpp=1&bdt=748&idt=1774&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=WS9I9YxzGn&p=https%3A//newsyou.info&dtd=1794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 15:32:25 GMT
truncated
/ Frame BA7A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b463a619c3ad52336074d4d0c301a005645836a4b34e268d5c3cefa8d6faab9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame F38E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CsV0sCLvyYeuZG8b03wPsprH4Bsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMByAMCqgTZAU_QGsXQ0MbWroNvBK235Fz4M7S5pXVTitlX_aKGu1oTISOeSgYj8zjYFzHP5GZNTiCljRUIEJuEwTwp7fK7uASc-Bh2VISgUCdW8CyCqv2v4VA7alGtC42FEgu99Wq6DQwa43oHxXsFGN2bC1dDhU8W7gkcADT1dOEvutsI5-kDH3YVcTfK9BLpa2jrTTeNW5kpUr42LvA6TZahNJDcD1zFH7sOZnN3qB9DRELxsIPxJ4d8qA-XgYUnbadmelWV5Sv9PlJdgBU5e1_PkHTeqkIxRLu32u4ZKcSABvibxpa_8pTc1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=NE3V_UkBXis&uach_m=[UACH]&cid=CAQSOwCNIrLMaTGIcrLuqi1k3nDuvp2q4wAWaY_d80YX1bOaYTzi4xBW9k7AD3c_z3OjUys8wZB9i2lX2_8UGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 27 Jan 2022 15:32:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
lgn.php
cat.nl.eu.criteo.com/m/delivery/ Frame F38E 		43 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lgn.php?cppv=3&cpp=WMfpHFCR97rQ6zWi_MU_hO6-8y7ln8oEoT0oZMdo4v9HOORlxM9QKYfSMligGDwGAK2VF9IWzQkT4C2XIG1aP_Xnu0h0z3s0UKbG5gsgCMHjDu80xL9WVe2-t5vi_MYxWJp6dgUD-Pl4PB9Se2soyS1LabpmVGt-9tipzbcgzastMIbKeCNPX7TatJJK9dx_wZNKgM4jRkuuVRvC-QAVKb2xJLNvQ31w83YZ0YPjKKtG_P1Ba2XNfoZXiWRfDUU2pe00XldHS_FIhDWqEjUq423CwtdngMguZ8FAos0rrvnNXdhvZqGFqObyN76i13l7wz_CaqvbnVFCFxU8kwln2pdyflR16RHJTKlJwiK1462yig7QpLULYgJ0KNdbTA2APVvsvNeL7RyxGdGDzjiMcztB7Be2nDOhMIcQsMwEBdhvmqTeX0IGo6P8KmN7GE1FKqJ2z1Sr9CfD_VighWrQlhpqU4kYsZAAXMx2ZALEdBUvBNwof7W_4m4A_sK6uKz8gSHN0w&z=YfK7CAAGzOsKd_pGAAxTbHilmPeLGqK2F3u5Sw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2902918
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame F38E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEYrGMAAAnYNiAgIAAAAVVnE9SM7uORAIu_JhX-AFmFyQ01NZ40MAEg&wp=YfK7CAAGzOsKd_pGAAxTbHilmPeLGqK2F3u5Sw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
server
Kestrel
server-processing-duration-in-ticks
132188
content-length
0
strict-transport-security
max-age=31536000; preload;
adview
googleads.g.doubleclick.net/pagead/ Frame F38E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cp0sVCLvyYeuZG8b03wPsprH4Bsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTZAU_QGsXQ0MbWroNvBK235Fz4M7S5pXVTitlX_aKGu1oTISOeSgYj8zjYFzHP5GZNTiCljRUIEJuEwTwp7fK7uASc-Bh2VISgUCdW8CyCqv2v4VA7alGtC42FEgu99Wq6DQwa43oHxXsFGN2bC1dDhU8W7gkcADT1dOEvutsI5-kDH3YVcTfK9BLpa2jrTTeNW5kpUr42LvA6TZahNJDcD1zFH7sOZnN3qB9DRELxsIPxJ4d8qA-XgYUnbadmelWV5Sv9PlJdgBU5e1_PkHTeqkIxRLu32u4ZKcSABvibxpa_8pTc1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=Mx6GPRQnxiY&uach_m=[UACH]&cid=CAQSOwCNIrLMaTGIcrLuqi1k3nDuvp2q4wAWaY_d80YX1bOaYTzi4xBW9k7AD3c_z3OjUys8wZB9i2lX2_8UGAE&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 27 Jan 2022 15:32:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame CF2A 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Thu, 27 Jan 2022 15:03:01 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
1764
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0948 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
7573
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
img
pix.eu.criteo.net/img/ Frame F38E 		172 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&ups=1&v=3&w=800&s=DIvQDPPIDFzhxkwQ_EvnqIEM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bdb3d3edb1b60ab841da073b2b059f994f439e25d2c7ebe8e9a2831056aa0c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 09:50:00 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
279744
vary
Origin
x-cache
hit
content-type
image/webp
cache-control
public, max-age=31379811
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
176180
expires
Sun, 22 Jan 2023 14:26:52 GMT
truncated
/ Frame F38E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a213a54c178ddf3123f85eaa4fc04d3dbb8693b9d296679544e36d3f8cf58fa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F38E 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 12:42:17 GMT
x-content-type-options
nosniff
age
442208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 22 Jan 2023 12:42:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A127 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3WqiB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTUAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrQk10tOktXo1W3hkWzYB7v4n1SHAFPawvepXfOHuxmzVTFvzAZ11gAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=N3PrVg6ibNk&uach_m=[UACH]&cid=CAQSGwCNIrLMKBVoqtrkHpYXOfRbXLF404vfgtPR8hgB
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 27 Jan 2022 15:32:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame A127 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEcz6RO0HfJ2DYgICAAAAGo6eV-wFOgIQB7vyYSh1Z0f4lwmhcirMABI&wp=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
server
Kestrel
server-processing-duration-in-ticks
265035
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame D2AC 		139 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4095bcfb1693e5866b7c06342e66b041385685367f848b00aedb4c73ea3a3d2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=C3twvH_YWwLOacetzAtVMyHo2kIFieVZdTWxeIISAK2Afa63xUaCHa056XKjfdolWRycl4B-UH9fzjJWfHqMtOyfavs1Ki60GRqyMrB_cDQ5c_f-rTPKB79SqNLaWyWtJItJW24xI-7rrkuPw9M7eohqy0gmjuH4dOYJEe5Av_NdPMqgqKUIU2b0TfzqBfHl9WX_eGetk1ufXYRqcw8Y1YTFE0mwbZDT7UhtWwF18vNDlm7YCCeos1p8TJk76442ZZCaaRGzl7lvmCI_"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
87047919
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame A127 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:28:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A127 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 15:32:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame A127 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:30:30 GMT
truncated
/ Frame DB66 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70ddc3c62be6833fc77118ef9a54348be0b5545b227e70c2d9c17403420f70fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5170 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fd9fae9cc3ac4b69c72b5639943e6b15a3b94f6f9cf8edbc1febce55a3c78c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
m.mixadvert.com/show/load/ Frame 588B 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=5709&id_name=dbAkk&teaser_name=ssfthyR&block_name=pBBrjY&ban_teaser=&r=0.4252088532038807&host=newsyou.info&ref=https://newsyou.info/
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5709&r=0.007324394361965636
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
a31dcbc49a84f26a46fa648b568935c37576607df450b198cf3e9098a6189b53
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame B410 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5043674373&adk=2859039&adf=3787344686&pi=t.ma~as.5043674373&w=336&lmt=1643297545&psa=0&format=336x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2004&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3234&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=46xgQ1pGKR&p=https%3A//newsyou.info&dtd=2009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:28:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame B410 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5043674373&adk=2859039&adf=3787344686&pi=t.ma~as.5043674373&w=336&lmt=1643297545&psa=0&format=336x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2004&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3234&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=46xgQ1pGKR&p=https%3A//newsyou.info&dtd=2009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:30:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B410 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5043674373&adk=2859039&adf=3787344686&pi=t.ma~as.5043674373&w=336&lmt=1643297545&psa=0&format=336x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2004&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3234&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=46xgQ1pGKR&p=https%3A//newsyou.info&dtd=2009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 15:32:26 GMT
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame 05A2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
v
fcgi5.gnezdo.ru/ 		1 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/v
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=windows-1251
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
1259767_101fee6087.jpg
zn3.2xclick.ru/img/400x400/767/ Frame 05A2 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/767/1259767_101fee6087.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
1ad97039c65fdfaaf7841fa4564e4b0563b3d716f5133e831b49665c96f2785b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:27 GMT
Last-Modified
Wed, 26 Jan 2022 11:15:07 GMT
Server
nginx
ETag
"61f12d3b-502d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
20525
Expires
Thu, 31 Dec 2037 23:55:55 GMT
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2HyuwhA8ysymCEEAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
111
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=gnezdo&id=uZQlT2HyuwhA8ysymCEEAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 27 Jan 2022 15:32:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&tizer_id=13978&r=0.04915985011214685
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
server
nginx
content-type
image/gif; charset=windows-1251
/
m.mixadvert.com/show/load/ Frame 2705 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7879&id_name=DFfTE&teaser_name=ljeFDmj&block_name=SmiRmG&ban_teaser=&r=0.7468377691178767&host=newsyou.info&ref=https://newsyou.info/
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7879&r=0.426062461653945
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
f496f4baed5ae06903f102b282619b7b25b7325a9bf273ef6bd700c56d475dd5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
informer
data.24smi.net/ 		1 KB
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1643297545&ptz=0&pl=en-US&object=13267&template_id=1281&num=2&ref=&output=json&chash=bWU8CEQzVw&extids=&callback=__smiCb1643297543636
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Nootdorp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
bb8469d6840e62c2077575d82966ba9c8494f36ff153dc9849099de728fd0b74
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:25 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
juui_banner_300_250_sale.png
www.juui.de/sites/default/files/ Frame BDCA
Redirect Chain
  • https://t.adcell.com/p/image?promoId=237205&slotId=77305&subId=brdkxzaahxktakmswxhuaaapanmwnmn
  • https://www.juui.de/sites/default/files/juui_banner_300_250_sale.png
93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.juui.de/sites/default/files/juui_banner_300_250_sale.png
Requested by
Host: ad.bsmartad.net
URL: https://ad.bsmartad.net/adframe.php?zoneid=11796&bannerid=8069&gdpr=0&gdpr_consent=&consent=1&ref=eyJ1YSI6Ijg4NjYzMDgyNTJkNjNmOWJmNzRiNzRlNjA2ODk2MTQ4IiwiYmlkIjoiYnNkXzZfMjVfMzYwNjFmMmJiMDg1ZjkyZCIsInNzcCI6ImJpenpjbGljayIsInNzcGlkIjoiMjUiLCJyZWZlcmVyIjoibmV3c3lvdS5pbmZvIiwiY291bnRyeSI6IkRFVSIsInB1YmlkIjoiNDQwMjUiLCJpcCI6IjE5My4yNy4xNC4wIiwidGltZSI6MTY0MzI5NzU0NH0%3D
Protocol
HTTP/1.1
Server
116.203.103.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.102.103.203.116.clients.your-server.de
Software
Apache/2.4.29 /
Resource Hash
0a1ff67487bc5abf1d426fa3d6a16dd037f064cd6fa87c35f220b11e8568b075
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.bsmartad.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 23 Sep 2020 13:16:59 GMT
Server
Apache/2.4.29
ETag
"173ee-5affae608a404"
Content-Type
image/png
Cache-Control
max-age=1333600, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
95214
Expires
Fri, 27 Jan 2023 15:32:27 GMT

Redirect headers

date
Thu, 27 Jan 2022 15:32:26 GMT
server
myracloud
strict-transport-security
max-age=15768000
content-type
text/html
location
https://www.juui.de/sites/default/files/juui_banner_300_250_sale.png
cache-control
max-age=0
content-length
0
expires
Thu, 27 Jan 2022 15:32:26 GMT
imp.php
rtbnote.bsmartdata.com/ Frame BDCA 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtbnote.bsmartdata.com/imp.php?bid=bsd_6_25_36061f2bb085f92d&ref=eyJ1YSI6Ijg4NjYzMDgyNTJkNjNmOWJmNzRiNzRlNjA2ODk2MTQ4IiwiYmlkIjoiYnNkXzZfMjVfMzYwNjFmMmJiMDg1ZjkyZCIsInNzcCI6ImJpenpjbGljayIsInNzcGlkIjoiMjUiLCJyZWZlcmVyIjoibmV3c3lvdS5pbmZvIiwiY291bnRyeSI6IkRFVSIsInB1YmlkIjoiNDQwMjUiLCJpcCI6IjE5My4yNy4xNC4wIiwidGltZSI6MTY0MzI5NzU0NH0=
Requested by
Host: ad.bsmartad.net
URL: https://ad.bsmartad.net/adframe.php?zoneid=11796&bannerid=8069&gdpr=0&gdpr_consent=&consent=1&ref=eyJ1YSI6Ijg4NjYzMDgyNTJkNjNmOWJmNzRiNzRlNjA2ODk2MTQ4IiwiYmlkIjoiYnNkXzZfMjVfMzYwNjFmMmJiMDg1ZjkyZCIsInNzcCI6ImJpenpjbGljayIsInNzcGlkIjoiMjUiLCJyZWZlcmVyIjoibmV3c3lvdS5pbmZvIiwiY291bnRyeSI6IkRFVSIsInB1YmlkIjoiNDQwMjUiLCJpcCI6IjE5My4yNy4xNC4wIiwidGltZSI6MTY0MzI5NzU0NH0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.90.198.147 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.bsmartad.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
content-type
text/html; charset=UTF-8
r.js
q.adrta.com/s/bzk/ Frame 4C7A 		127 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/s/bzk/r.js?v=21.20&rcb=900489&cb=540a1a6698863406949aa8eb7df496f4
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/s/bzk/aa.js?cb=540a1a6698863406949aa8eb7df496f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.145.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-145-202.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
16583ac39dca82c44dce08d71e074887aa602fecc879ea5b58b1c2ec71536ecd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:26 GMT
server
nginx/1.18.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
127
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
bidder_18.html
cache.betweendigital.com/code/ Frame 0D68 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e0d259f7-d705-511b-a212-861bc3e03d12&CACHEBUSTER=713126
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?randsalt=891709&p=44025&consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:26 GMT
content-type
text/html
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
etag
W/"60bf907f-ee9"
content-encoding
gzip
match
ads.betweendigital.com/ Frame 4C7A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D9c4433cc-c82f-4416-9bab-dec64166040...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=922f61f2-bb0a-4200-bb27-77e84cf59b91&expires=30&ssp=between&bsw_param=9c4433cc-c82f-4416-9bab-dec64166040d&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
188.42.29.166 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d
Date
Thu, 27 Jan 2022 15:32:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ads.betweendigital.com/ Frame 4C7A
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=eQNw1Kvbgk8.AikABlF-nCqbTQ
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=eQNw1Kvbgk8.AikABlF-nCqbTQ
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
188.42.29.166 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f3-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=eQNw1Kvbgk8.AikABlF-nCqbTQ
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/ Frame 4C7A
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=bfba14a6e18c61d8fc7f5729
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=bfba14a6e18c61d8fc7f5729
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
188.42.29.166 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 27 Jan 2022 15:32:27 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=bfba14a6e18c61d8fc7f5729
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
match
ads.betweendigital.com/ Frame 4C7A
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=e0d259f7-d705-511b-a212-861bc3e03d12
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiK9sqPBlIFvp7KygpiJGUwZDI1OWY3LWQ3MDUtNTExYi1hMjEyLTg2MWJjM2UwM2QxMg**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiK9sqPBlIFvp7KygpiJGUwZDI1OWY3LWQ3MDUtNTExYi1hMjEyLTg2MWJjM2UwM2QxMqIBEFT3jVp_hhHspukAJZDIJDc*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABiK9sqPBmIkZTBkMjU5ZjctZDcwNS01MTFiLWEyMTItODYxYmMzZTAzZDEyogEQVPeNWn-GEeym6QAlkMgkNw**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARiK9sqPBmIkZTBkMjU5ZjctZDcwNS01MTFiLWEyMTItODYxYmMzZTAzZDEyogEQVPeNWn-GEeym6QAlkMgkNw**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=54f78d5a-7f86-11ec-a6e9-002590c82437
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=54f78d5a-7f86-11ec-a6e9-002590c82437
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
188.42.29.166 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 27 Jan 2022 15:32:28 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=54f78d5a-7f86-11ec-a6e9-002590c82437
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
fltiukqt.js
pixel.yabidos.com/ Frame 4C7A
Redirect Chain
  • https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=newsyou.info&x=&nci=&adtg=HB&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
  • https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=newsyou.info&x=&nci=&adtg=HB&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=newsyou.info&x=&nci=&adtg=HB&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c70e3c0db90a8461e326b4ef6759e9250f3acb722bfb2db60302d284ca13a7f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 23 Jan 2022 10:32:24 GMT
server
cloudflare
age
3449
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6d4308a499a539f9-CDG
content-length
1601
expires
Thu, 27 Jan 2022 17:32:26 GMT

Redirect headers

date
Thu, 27 Jan 2022 15:32:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=newsyou.info&x=&nci=&adtg=HB&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control
max-age=3600
cf-ray
6d4308a37db439f9-CDG
expires
Thu, 27 Jan 2022 16:32:26 GMT
63323940
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 4C7A
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/63323940
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/63323940
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/63323940
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.15/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.15/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
server
ms-counter-3.2.15/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/63323940
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
js
ads.betweendigital.com/ Frame 4C7A 		68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/js?en=anNfcnVu&context=AAAAAEE3G0hhdgACdwAvAsVTPWzTQBS2X01UVVWQKoaqk8WAWtRz7uyznWtVRf0JpD9pkJKmokvkxBdi8uPKcZrSqUIsCKliYUZiZERiQUwsLCAGGBArjB0YOjFxjhMoQp377vTevZ_Tve_de5CrVl23XucO0h1GEHUMhhxaNxFh2DFq1VqaMgzk6emz55Ovvn9597kyfuDxviTBI7kRhvvdhVSqw_vdB35P8zp1P7WXLS_f3SnmcusbaLNQQsXS8hbaLpQLG2ivnN1bE7KYLa2j8vpatgASTBNmaLqtEaoZFvyQ8_6R12o5KVPD6uyu13H9flfdLqkEa3hRFQaLLqqHFp1Tl_f3W3yXVze9MGUatriuzm7mSvmtebXlNbl6m9ea_py62gj8Nk8xW8MatZiu2UQtOnUn8Ia3YIJSrJsjMWnpmBIbkhQzKpKDrwqcjYlMZwAEFxmfxyv0qYAfVLoNJ-CRd2F9eYXo8wOOyFCOdAOkiCIO14bgKgTDhIUN3QJlLQvXbwVOp1nvBaHqtNW843VAyWVhimi6ZYpFQHE5JIeXAQhMFMIGD0YiQagNMyulXWRQ26aImUykvuIdHdVaXq2p9nkVkgdasydqNMgloVMKM4KharcWVNLYYqAKtcJt1zAtg7mWhWF6GFAhhp2GxOqdPCTv93qe5kaopUFhJjt-0HZa4vTiG8Cv12djQweADPIA9UAf7Mn4X0BhttCAxu4oIhz1Fe-hju9yXev6rV7o-Z1uy6k2vVCr-e1UJlzaD_o3mkvn05QuJO_N-3unN48zF0dcBv3M_IEtSeePIz1KODbLUZUi45PpjYw4PFwBSYbYFgdEEZc_TSfKCIl8oiR2imv_gYZczUinmVO3EWauiWidc8RIVYwJNUwq-o_TtGhzy4BxnabZRcWT3175-CGi04ycNDA-1E2ceKnIx4-P4jaTPl2N9uBNkKZGz49HsyikmOvYJYLlvyUfTNC57zjLxEHwz_f8Bg==&tld=bmV3c3lvdS5pbmZv
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.166 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame B410 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ChY7aCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTkAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUEDV-Tg3UzsXSif-NDWETZBVwaIYWNVH3Gs_K-VXRvEtARXmZ6Ck4AG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=eHhWdugfxiQ&uach_m=[UACH]&cid=CAQSOwCNIrLMEi7-rpv4vFbd2xjRszYJGYCnpbqK90OOJlN5qbXcPQcml9E0WD0ecOl3Z5zDaNjm50AzxzEXGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5043674373&adk=2859039&adf=3787344686&pi=t.ma~as.5043674373&w=336&lmt=1643297545&psa=0&format=336x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2004&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3234&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=46xgQ1pGKR&p=https%3A//newsyou.info&dtd=2009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5043674373&adk=2859039&adf=3787344686&pi=t.ma~as.5043674373&w=336&lmt=1643297545&psa=0&format=336x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2004&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3234&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=46xgQ1pGKR&p=https%3A//newsyou.info&dtd=2009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 27 Jan 2022 15:32:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame B410 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEcz6RNACrAKdg2ICAgAAAPyEArgCSVftEAi78mE8Dx_PhqgQqtyk6QAS&wp=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5043674373&adk=2859039&adf=3787344686&pi=t.ma~as.5043674373&w=336&lmt=1643297545&psa=0&format=336x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2004&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3234&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=46xgQ1pGKR&p=https%3A//newsyou.info&dtd=2009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
server
Kestrel
server-processing-duration-in-ticks
273188
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 34D5 		152 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5043674373&adk=2859039&adf=3787344686&pi=t.ma~as.5043674373&w=336&lmt=1643297545&psa=0&format=336x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2004&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3234&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=46xgQ1pGKR&p=https%3A//newsyou.info&dtd=2009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
85070573083b76cc0d26795c5cc32a39b2dba7d82b6e19b2e2cc6c920684d345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2VFZqn_YWwLOacetTeKiU6jXClXWYaPWnfrFdt6G92lPUnUvnjsXu8cZGk-8HTaX23BS750Zcp3xzgDUEeA9hcLbHCR6BYD3p3MeLcGlognWqHXioUQ292EL73lfHka2pSxOQTRO_wD5G6aHv6gH1bEsuedc2wRzjlFiZrFQWBBnzeMFFPPYY5E0DXI7xZ_JTrBtCFEewbbG-BcYeQYRN93teb_B5gk-9tp1NW5K7cnRD0bi6VSZbLeDRhiy_PtTN0UL9TPOPZNunN73"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
133851097
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3046 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5043674373&adk=2859039&adf=3787344686&pi=t.ma~as.5043674373&w=336&lmt=1643297545&psa=0&format=336x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2004&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3234&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=46xgQ1pGKR&p=https%3A//newsyou.info&dtd=2009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
7574
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 891D 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jfrgvsw1xzhngfhcvfvgs5fkqsw54hxct4fkc012envfhqt6v4g8s5rer20hqs9tkpcgax9rq0gp4bbmyw0ht87934bvc2qg3h00afgdde9f4qpvznd4tvwyxq23334cwcfaa26ezdsk1t2xw42v4k0m4nj6snc62pn37x8asjwqbhz8jzyds2714rsxgccm49c0d2snefc4tv9fgqshbnaepxse8n95q9whsadtk2c92cxhzrde7hbkmn9bxwgjf8yy1kfsbyf64bdb9szjzd6zxx85z7pypad9gq7vtf7k3h4nv4j3x5bkn0kre75qq1eq1dr99v27ycct36pm200wcjzhx94z2s3491wdhw8hz51tt5b3g9yykhszp9s5js0swrb0efbxby575pyx01p7ypqr4k023z347pv6r1s2txw869dr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jfrgvsw1xzhngfhcvfvgs5fkqsw54hxct4fkc012envfhqt6v4g8s5rer20hqs9tkpcgax9rq0gp4bbmyw0ht87934bvc2qg3h00afgdde9f4qpvznd4tvwyxq23334cwcfaa26ezdsk1t2xw42v4k0m4nj6snc62pn37x8asjwqbhz8jzyds2714rsxgccm49c0d2snefc4tv9fgqshbnaepxse8n95q9whsadtk2c92cxhzrde7hbkmn9bxwgjf8yy1kfsbyf64bdb9szjzd6zxx85z7pypad9gq7vtf7k3h4nv4j3x5bkn0kre75qq1eq1dr99v27ycct36pm200wcjzhx94z2s3491wdhw8hz51tt5b3g9yykhszp9s5js0swrb0efbxby575pyx01p7ypqr4k023z347pv6r1s2txw869dr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
83240
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 26 Jan 2022 16:25:06 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6d43089f7c0159e3-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 891D 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jfrgvsw1xzhngfhcvfvgs5fkqsw54hxct4fkc012envfhqt6v4g8s5rer20hqs9tkpcgax9rq0gp4bbmyw0ht87934bvc2qg3h00afgdde9f4qpvznd4tvwyxq23334cwcfaa26ezdsk1t2xw42v4k0m4nj6snc62pn37x8asjwqbhz8jzyds2714rsxgccm49c0d2snefc4tv9fgqshbnaepxse8n95q9whsadtk2c92cxhzrde7hbkmn9bxwgjf8yy1kfsbyf64bdb9szjzd6zxx85z7pypad9gq7vtf7k3h4nv4j3x5bkn0kre75qq1eq1dr99v27ycct36pm200wcjzhx94z2s3491wdhw8hz51tt5b3g9yykhszp9s5js0swrb0efbxby575pyx01p7ypqr4k023z347pv6r1s2txw869dr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16284
x-guploader-uploadid
ADPycdtTlZwSK1bMGD4JQEha8dQcwS763YR_GQXAjnXnl2RCnFCDM45gCF-BWocTru8uS1y2F-7HId-qcu1T7AovokayCZ19hA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 11:00:45 GMT
server
cloudflare
etag
W/"25dab5d0aa24f68116270a61c758162f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hZzvAsg4ijU9GhhSPkhmYBr3OkzFfctQK%2FPub%2FvHjxUyWAHI3nJH%2B7UwzgA5pQCV8eo0VemsuSCdgnsNO7Vb0Nn7GUOaPxifGRh%2Brmj5R1iqtpDV6WvfU5qjUB2QQdAxEKxwAM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643194845770575
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11870
cf-ray
6d43089f5d790f86-MXP
expires
Thu, 27 Jan 2022 11:01:02 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame AE07 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k9ac6tfhw3caf1tjr1evjswa4g9z3m9a6e60841npp5hsdy1763v5sjkdchf4j5b5dte07vzhcrf2pray6dksbp028jqemnjf77wxbpg9rze75htpnrz7cjdqpjdwszncsfcnc32sbdw7dbwj1zg8jp5xd45emj8bdedyy7yy7az5kbtdp3zrbqt8a323xt0t5sx2w34h4a16bccdgcf2nzcznked5sra4dxag8f69dwx61rah1sthtj881kfkryzr9hj58mdzpgtdsdzext5896qc7bx9n1xg22fzq8qp13ym7wxk84myk3mnfyt9e3d84y1g4k9emmwbmgjnmcyz6z2x56nsggfwr3kgwd3031035pm8apkw50r0wsav7yj2xh5jswywx0xgzvx8rygvvwbsmnbp56dtc18xbcezf9b951tnhzhq22pb32kzth8pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1k9ac6tfhw3caf1tjr1evjswa4g9z3m9a6e60841npp5hsdy1763v5sjkdchf4j5b5dte07vzhcrf2pray6dksbp028jqemnjf77wxbpg9rze75htpnrz7cjdqpjdwszncsfcnc32sbdw7dbwj1zg8jp5xd45emj8bdedyy7yy7az5kbtdp3zrbqt8a323xt0t5sx2w34h4a16bccdgcf2nzcznked5sra4dxag8f69dwx61rah1sthtj881kfkryzr9hj58mdzpgtdsdzext5896qc7bx9n1xg22fzq8qp13ym7wxk84myk3mnfyt9e3d84y1g4k9emmwbmgjnmcyz6z2x56nsggfwr3kgwd3031035pm8apkw50r0wsav7yj2xh5jswywx0xgzvx8rygvvwbsmnbp56dtc18xbcezf9b951tnhzhq22pb32kzth8pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
83240
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 26 Jan 2022 16:25:06 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6d43089f7bfe59e3-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame AE07 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k9ac6tfhw3caf1tjr1evjswa4g9z3m9a6e60841npp5hsdy1763v5sjkdchf4j5b5dte07vzhcrf2pray6dksbp028jqemnjf77wxbpg9rze75htpnrz7cjdqpjdwszncsfcnc32sbdw7dbwj1zg8jp5xd45emj8bdedyy7yy7az5kbtdp3zrbqt8a323xt0t5sx2w34h4a16bccdgcf2nzcznked5sra4dxag8f69dwx61rah1sthtj881kfkryzr9hj58mdzpgtdsdzext5896qc7bx9n1xg22fzq8qp13ym7wxk84myk3mnfyt9e3d84y1g4k9emmwbmgjnmcyz6z2x56nsggfwr3kgwd3031035pm8apkw50r0wsav7yj2xh5jswywx0xgzvx8rygvvwbsmnbp56dtc18xbcezf9b951tnhzhq22pb32kzth8pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16284
x-guploader-uploadid
ADPycdtTlZwSK1bMGD4JQEha8dQcwS763YR_GQXAjnXnl2RCnFCDM45gCF-BWocTru8uS1y2F-7HId-qcu1T7AovokayCZ19hA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 11:00:45 GMT
server
cloudflare
etag
W/"25dab5d0aa24f68116270a61c758162f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzCSAwiZvszjlm3iGX01CcbRF2KtpR%2BScEQewBzxavA3Y1n58%2FqW06gcAvikaHmUVqaNFxrDktX3Y2P7qbQ0T7BmbdgSJoI8kNVz2yzfmKlM0GCTyi0kNBLESBk8K2XMl4uN7Fs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643194845770575
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11870
cf-ray
6d43089f5d750f86-MXP
expires
Thu, 27 Jan 2022 11:01:02 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame A2E7 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jkxcbdmd854w42er26z73ph0q06egarz00sefpbd2v630gbqjm2xzbdwxaj61syr0afgfvm7yr25p4zed4bx4a8ntajz9m7d8htdre8m34j5y8zw6ebe49gprdn8dhegv0032wwgbcw9fwpb77bk3pzf0jvg3hmsbd4kedpy1tfndjagq99ya4qadws6v1a8vf9pt364vqzzbqx6g8pz668f0rbcmgcvq62ftsajk5sqbxeze2ykqvhmran7g1jw272x2arajhzd7xeyq2ahybbk3622gesxw4gswkb7stn029wpctfnax8505hp4hsjm7nwh2fkkrr2a3dhhegv08hqdwk0mcyta7z7bhxpy23zrrsv7nx5bz6prw28a4mr8pg85v4ccq80fgpfyz823qgg2s86756d0dsbn79t6ry93vfx22n3v1x8ntv3nt3qj20&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jkxcbdmd854w42er26z73ph0q06egarz00sefpbd2v630gbqjm2xzbdwxaj61syr0afgfvm7yr25p4zed4bx4a8ntajz9m7d8htdre8m34j5y8zw6ebe49gprdn8dhegv0032wwgbcw9fwpb77bk3pzf0jvg3hmsbd4kedpy1tfndjagq99ya4qadws6v1a8vf9pt364vqzzbqx6g8pz668f0rbcmgcvq62ftsajk5sqbxeze2ykqvhmran7g1jw272x2arajhzd7xeyq2ahybbk3622gesxw4gswkb7stn029wpctfnax8505hp4hsjm7nwh2fkkrr2a3dhhegv08hqdwk0mcyta7z7bhxpy23zrrsv7nx5bz6prw28a4mr8pg85v4ccq80fgpfyz823qgg2s86756d0dsbn79t6ry93vfx22n3v1x8ntv3nt3qj20&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
83240
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 26 Jan 2022 16:25:06 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6d43089f7c0959e3-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame A2E7 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jkxcbdmd854w42er26z73ph0q06egarz00sefpbd2v630gbqjm2xzbdwxaj61syr0afgfvm7yr25p4zed4bx4a8ntajz9m7d8htdre8m34j5y8zw6ebe49gprdn8dhegv0032wwgbcw9fwpb77bk3pzf0jvg3hmsbd4kedpy1tfndjagq99ya4qadws6v1a8vf9pt364vqzzbqx6g8pz668f0rbcmgcvq62ftsajk5sqbxeze2ykqvhmran7g1jw272x2arajhzd7xeyq2ahybbk3622gesxw4gswkb7stn029wpctfnax8505hp4hsjm7nwh2fkkrr2a3dhhegv08hqdwk0mcyta7z7bhxpy23zrrsv7nx5bz6prw28a4mr8pg85v4ccq80fgpfyz823qgg2s86756d0dsbn79t6ry93vfx22n3v1x8ntv3nt3qj20&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16284
x-guploader-uploadid
ADPycdtTlZwSK1bMGD4JQEha8dQcwS763YR_GQXAjnXnl2RCnFCDM45gCF-BWocTru8uS1y2F-7HId-qcu1T7AovokayCZ19hA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 11:00:45 GMT
server
cloudflare
etag
W/"25dab5d0aa24f68116270a61c758162f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZhk8R1nskf9xwE0feHNGqAY2TqGr2sJXhUNEiSy6ziC2LOq8%2Fs0gvtKTvuYs3wOohSjlkDphLxoyVhNqziKJkRTS1jiwSFeTVhWK7JztpG%2FT1CvEUi0KN3k56cjWrcnuOoWkig%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643194845770575
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11870
cf-ray
6d43089f5d780f86-MXP
expires
Thu, 27 Jan 2022 11:01:02 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame DD16 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g8jzgdkg7cabxb17wafdtxzmjqvhb5ng57xzpns5gwxbhfbt95sy8vzbnss6mntwnvtyw6dwdyrkbwkq5x4r71wht0nagm8yyx4ej9fypv641eb9ydg8gerge6vfxhteb71dqw29539py86519v3smx1kgjg1zagnbdy84a3qcf2db9dxf7m9hmq07q054yb00xmrqxrtnrdhjnd0kchpp45saj9jz9xr7tv0kepqrxn9fyp0hqcnvbfc03y64wj685dwnwct97yck0tgskvwgx0619gt3zd7bnh3j1ebyfy6jmfafwkac26d9qn3dyn317zz9xzwmmp7kdh51w2sq8qxkqhk0q81rs8nzegafbf6bjmj3v2bdmk0vh4r6fjm6yztjzvskgx3fxave8a40rg3dzhzzxrmn9667tdybxvkjm6c7afqxw1j3vc4dpxjpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g8jzgdkg7cabxb17wafdtxzmjqvhb5ng57xzpns5gwxbhfbt95sy8vzbnss6mntwnvtyw6dwdyrkbwkq5x4r71wht0nagm8yyx4ej9fypv641eb9ydg8gerge6vfxhteb71dqw29539py86519v3smx1kgjg1zagnbdy84a3qcf2db9dxf7m9hmq07q054yb00xmrqxrtnrdhjnd0kchpp45saj9jz9xr7tv0kepqrxn9fyp0hqcnvbfc03y64wj685dwnwct97yck0tgskvwgx0619gt3zd7bnh3j1ebyfy6jmfafwkac26d9qn3dyn317zz9xzwmmp7kdh51w2sq8qxkqhk0q81rs8nzegafbf6bjmj3v2bdmk0vh4r6fjm6yztjzvskgx3fxave8a40rg3dzhzzxrmn9667tdybxvkjm6c7afqxw1j3vc4dpxjpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
83240
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 26 Jan 2022 16:25:06 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6d43089f7c0659e3-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame DD16 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g8jzgdkg7cabxb17wafdtxzmjqvhb5ng57xzpns5gwxbhfbt95sy8vzbnss6mntwnvtyw6dwdyrkbwkq5x4r71wht0nagm8yyx4ej9fypv641eb9ydg8gerge6vfxhteb71dqw29539py86519v3smx1kgjg1zagnbdy84a3qcf2db9dxf7m9hmq07q054yb00xmrqxrtnrdhjnd0kchpp45saj9jz9xr7tv0kepqrxn9fyp0hqcnvbfc03y64wj685dwnwct97yck0tgskvwgx0619gt3zd7bnh3j1ebyfy6jmfafwkac26d9qn3dyn317zz9xzwmmp7kdh51w2sq8qxkqhk0q81rs8nzegafbf6bjmj3v2bdmk0vh4r6fjm6yztjzvskgx3fxave8a40rg3dzhzzxrmn9667tdybxvkjm6c7afqxw1j3vc4dpxjpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16284
x-guploader-uploadid
ADPycdtTlZwSK1bMGD4JQEha8dQcwS763YR_GQXAjnXnl2RCnFCDM45gCF-BWocTru8uS1y2F-7HId-qcu1T7AovokayCZ19hA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 11:00:45 GMT
server
cloudflare
etag
W/"25dab5d0aa24f68116270a61c758162f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRrDLRmrmb2At41S%2BAeFjVm2x9UyJiNQHx8b3dwHUav4PAj6Dhr8f84o%2F4rifNv18gc9KcVEZy2aNW6IvLLgbJdK168mDtE4h95U9t%2BETW1J4OGYan0wm9gmthGcdeq9oV%2BQ8X0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643194845770575
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11870
cf-ray
6d43089f5d7a0f86-MXP
expires
Thu, 27 Jan 2022 11:01:02 GMT
view
t.adcell.com/p/ Frame 11F2 		42 B
434 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.adcell.com/p/view?promoId=237769&slotId=77305&pv=1&subId=brdkxzaahxktakmswxhuaaapanmwnmn
Requested by
Host: ad.bsmartad.net
URL: https://ad.bsmartad.net/adframe.php?zoneid=11796&bannerid=8069&gdpr=0&gdpr_consent=&consent=1&ref=eyJ1YSI6Ijg4NjYzMDgyNTJkNjNmOWJmNzRiNzRlNjA2ODk2MTQ4IiwiYmlkIjoiYnNkXzZfMjVfMzYwNjFmMmJiMDg1ZjkyZCIsInNzcCI6ImJpenpjbGljayIsInNzcGlkIjoiMjUiLCJyZWZlcmVyIjoibmV3c3lvdS5pbmZvIiwiY291bnRyeSI6IkRFVSIsInB1YmlkIjoiNDQwMjUiLCJpcCI6IjE5My4yNy4xNC4wIiwidGltZSI6MTY0MzI5NzU0NH0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad.bsmartad.net/

Response headers

server
myracloud
date
Thu, 27 Jan 2022 15:32:26 GMT
content-type
image/gif
content-length
42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
expires
Sat, 11 Jan 2003 12:59:00 GMT
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
pragma
no-cache
strict-transport-security
max-age=15768000
adview
googleads.g.doubleclick.net/pagead/ Frame CFAA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1i0uCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOQBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKSu-NYNJlMye1qjTqFbu1bbFC104zyISPyL9X6O56JhjyIwdA0Q1gAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=4SZuObaCmVc&uach_m=[UACH]&cid=CAQSOwCNIrLM_l8ta5JLMk7mdCvw3iEFFKtTNO97mFVIEVwYn6U1AEbdMmuxyNNoXsSSWb9qIY7qC4oD1uQnGAE
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=3366303577&adk=4264282029&adf=1531042278&pi=t.ma~as.3366303577&w=300&lmt=1643297545&psa=0&format=300x280&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2217&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600%2C336x300%2C1005x124&nras=2&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=12&uci=a!c&fsb=1&xpc=PqLnFXzueD&p=https%3A//newsyou.info&dtd=2221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 27 Jan 2022 15:32:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame CFAA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gvav7m7q357w3gywe980nc6s08vvj9476hkd7j8a7p04f7htmtzxa49bvja6bqwmfat39dp4rgyzqc5a6tqdq84avvdrgbfhd9c9fd3g31a47wbxww5cwj4y12nnvjfr435ed3a7nw3px97vp7mjvgndnxt44qmxprc4abhf21k2m9yav0xz7f686ama1gd3x8q5sj4jmc77gad5pra170cxf9tc0jj8t84f2gb420rz6brjv7mnecd3h8cdhrsgn18vbwc9antv2n5esddfh2gx9bcgjvkcqdgmgghdtnsc7p05815jv9vjk5xkh1par8wdeg2j5cjcp8havmth1xe969ws6fzpnpzbttxrdfhewcpvj3qq5p8rg97saxtfmg17310peyczj6v2dpa2c1hxptca&b=YfK7CQAHJcQHg4LZAAESpnUKWL-4d-z8y9CQEw
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 1D76 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1h6kamkccfyxw7hac41av5cdjdyasy2vd9q5whb57yaf8bqqmkhr6tv8h7g6jnv3brks51sp6yf2ascnty6s0gv2fw701p53eyrp7044a1y0p9ja2gdtbnwjgmf3q8fprgpsfavxy16zyztsg0htxkc403xx3es1xvzdspm1dtwh212pwhbjm22sm5j2wpsw9b0srzm0g75gcfn9rz6ng7ef49h0673mxyatj4jfb95zqwcam1snz945ee2k1f7rx5e6ng0m60hrnhjyatsjr9g6r0yd7qx5bf8zvyt3xhfq78dvvsktgwxtf9zpp5zsckhj9b91nas8k9qgbngdp5zvc6wrct9kbncdm30fp8tcgy24hjdy17kg7ran9qz9fej5cqdy154sf350y8wgyh6xkyr8eac7ek99jzf0w3jj52ygg0jw0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=3366303577&adk=4264282029&adf=1531042278&pi=t.ma~as.3366303577&w=300&lmt=1643297545&psa=0&format=300x280&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2217&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600%2C336x300%2C1005x124&nras=2&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=12&uci=a!c&fsb=1&xpc=PqLnFXzueD&p=https%3A//newsyou.info&dtd=2221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fda215a8d1c5e8a17a575fe1035d30789f924694bed162be4ebb5995d45b65a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d43089f7bfb59e3-MXP
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame CFAA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=3366303577&adk=4264282029&adf=1531042278&pi=t.ma~as.3366303577&w=300&lmt=1643297545&psa=0&format=300x280&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2217&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600%2C336x300%2C1005x124&nras=2&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=12&uci=a!c&fsb=1&xpc=PqLnFXzueD&p=https%3A//newsyou.info&dtd=2221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:28:53 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 55C0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=3366303577&adk=4264282029&adf=1531042278&pi=t.ma~as.3366303577&w=300&lmt=1643297545&psa=0&format=300x280&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2217&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600%2C336x300%2C1005x124&nras=2&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=12&uci=a!c&fsb=1&xpc=PqLnFXzueD&p=https%3A//newsyou.info&dtd=2221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
7574
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame CFAA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=3366303577&adk=4264282029&adf=1531042278&pi=t.ma~as.3366303577&w=300&lmt=1643297545&psa=0&format=300x280&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2217&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600%2C336x300%2C1005x124&nras=2&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=12&uci=a!c&fsb=1&xpc=PqLnFXzueD&p=https%3A//newsyou.info&dtd=2221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 15:30:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CFAA 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=3366303577&adk=4264282029&adf=1531042278&pi=t.ma~as.3366303577&w=300&lmt=1643297545&psa=0&format=300x280&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2217&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600%2C336x300%2C1005x124&nras=2&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=12&uci=a!c&fsb=1&xpc=PqLnFXzueD&p=https%3A//newsyou.info&dtd=2221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 15:32:26 GMT
truncated
/ Frame 4D48 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42d0dc038351933c39a36af4289bbe6c0b30cb680db1d429f326867fd49dcacd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7A2C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d279eb69392bd47fbdd1a254f4f5606e87341be63178168283a530c1d9d96bea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 8FBA 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBVDsNem3y_d5rhB9UDxA1E&google_cver=1&google_push=AYg5qPJlOdCGpq7RbbOL8CnDe8z6v4SsxFyw0XFIt02HUJl2S0NzYtCqKVKaHCNjWF6LulH-PG5-75XXYm94gaKSrooBjyedkA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8FBA
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEG8P2ndqe5vFdQCMl8AbKrQ&google_cver=1&google_push=AYg5qPKyh3s3LCRyuFH28v0m3UWlrA9fj6HiAufI67Ed8KkjYC9XDUTQgxOGBsQfVO-2iSMHswx4DCCLuFDuZ5gh7VGQXDDDDHw
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKyh3s3LCRyuFH28v0m3UWlrA9fj6HiAufI67Ed8KkjYC9XDUTQgxOGBsQfVO-2iSMHswx4DCCLuFDuZ5gh7VGQXDDDDHw&google_hm=Q0FFU0VHOFAybmRxZTV2Rm...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKyh3s3LCRyuFH28v0m3UWlrA9fj6HiAufI67Ed8KkjYC9XDUTQgxOGBsQfVO-2iSMHswx4DCCLuFDuZ5gh7VGQXDDDDHw&google_hm=Q0FFU0VHOFAybmRxZTV2RmRRQ01sOEFiS3JR
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H2
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:25 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKyh3s3LCRyuFH28v0m3UWlrA9fj6HiAufI67Ed8KkjYC9XDUTQgxOGBsQfVO-2iSMHswx4DCCLuFDuZ5gh7VGQXDDDDHw&google_hm=Q0FFU0VHOFAybmRxZTV2RmRRQ01sOEFiS3JR
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 8FBA 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFA8qxBsJgb4_qQpgSm1Gxo&google_push=AYg5qPIxpf3fZDWubVYNl-DpaJM0ip9ptQFeKzj07qWWSmTT-BHPFw7z6WhPtfzMZ_1ej5CbuSv2BC4CYvyBYKbOJDeBFYgp3fs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 8FBA 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMNSdq2x2EBy_nMBqd6TZI4&google_cver=1&google_push=AYg5qPIQftNz34ncJzDRL4zAGLZwr-3ms_9Kl3_roOQjRH0T59QLG3myQ7TmzGBgAwsnVG3xJQ6G0YvCV5UzJsDXXG2fftmjEA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
sn1neep24oo6epsg9uv9pfufd6e2b482
pixel
cm.g.doubleclick.net/ Frame 8FBA
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKMYWPlRSxu4hjeEKy3ENg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKMYWPlRSxu4hjeEKy3ENg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ-hRNsGYa8rNjwwjsKVYOszFM3orau3apoXr8CBOrb_3UjBx6yi4YYx5uODHnegf153EjUAOJlJFk6lQbSaF-jRQ3P-Jk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H3
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKMYWPlRSxu4hjeEKy3ENg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ-hRNsGYa8rNjwwjsKVYOszFM3orau3apoXr8CBOrb_3UjBx6yi4YYx5uODHnegf153EjUAOJlJFk6lQbSaF-jRQ3P-Jk
date
Thu, 27 Jan 2022 15:32:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8FBA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP5xXejN11HbX0Wc3FZwx3o&google_cver=1&google_push=AYg5qPJKt-lLTOorMVGqNMfc665tTeuYhCdraRQ9FgO2CGbAReGv6QGbUbHXoL7ULq-uCeZVn4h...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYNFhIUkQtMjYtSklFWA==&google_push=AYg5qPJKt-lLTOorMVGqNMfc665tTeuYhCdraRQ9FgO2CGbAReGv6QGbUbHXoL7ULq-uCeZVn4hWp8bipoBvvWTN0IuH8xFEd2E
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYNFhIUkQtMjYtSklFWA==&google_push=AYg5qPJKt-lLTOorMVGqNMfc665tTeuYhCdraRQ9FgO2CGbAReGv6QGbUbHXoL7ULq-uCeZVn4hWp8bipoBvvWTN0IuH8xFEd2E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H2
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYNFhIUkQtMjYtSklFWA==&google_push=AYg5qPJKt-lLTOorMVGqNMfc665tTeuYhCdraRQ9FgO2CGbAReGv6QGbUbHXoL7ULq-uCeZVn4hWp8bipoBvvWTN0IuH8xFEd2E
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 8FBA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 8FBA 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IlLhbIbaju1HdsknvA_S1CCpvYLNY9U13Tw6GrtcTA9XEHZS79LIDsjQy5rYftng3owkRL
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543216&bpp=1&bdt=746&idt=1264&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=mm5vVk2znF&p=https%3A//newsyou.info&dtd=1282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
m.mixadvert.com/show/load/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=6822&id_name=ehYNG&teaser_name=NkYSqSS&block_name=AkbjAR&ban_teaser=440546,440544,441677,440546,441677,440544,441677,440546&r=0.9279749091219465&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=6822&r=0.40425530571550405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
9631138987a4fca1b9a2d01c9c9b7eb15eaebe7a14c81fa20172bfa881235a22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 1AE0
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLOuN7L7PYR0ssbjNSwX1LKY7xYHm2WGPr1d_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZLN0NnQUFCQzU3VHhEOA&google_push=AYg5qPLOuN7L7PYR0ssbjNSwX1LKY7xYHm2WGPr1d_FsjwwL_SXZ1P1zXblYL0dkO-xv3kcKx0ZF5NgTTjtUfC1fpV0Zm-h8PQI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZLN0NnQUFCQzU3VHhEOA&google_push=AYg5qPLOuN7L7PYR0ssbjNSwX1LKY7xYHm2WGPr1d_FsjwwL_SXZ1P1zXblYL0dkO-xv3kcKx0ZF5NgTTjtUfC1fpV0Zm-h8PQI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H3
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZLN0NnQUFCQzU3VHhEOA&google_push=AYg5qPLOuN7L7PYR0ssbjNSwX1LKY7xYHm2WGPr1d_FsjwwL_SXZ1P1zXblYL0dkO-xv3kcKx0ZF5NgTTjtUfC1fpV0Zm-h8PQI
Date
Thu, 27 Jan 2022 15:32:26 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 1AE0
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEG8P2ndqe5vFdQCMl8AbKrQ&google_cver=1&google_push=AYg5qPLTDWTZyIXBNW98Bu_6f7aSMFsn2BfB4otl5IhB6o75IgkyhptAQwDKW3ETIY8nYk9aJWuwHmukqGe8hx7XYE_jlWLn7q0
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLTDWTZyIXBNW98Bu_6f7aSMFsn2BfB4otl5IhB6o75IgkyhptAQwDKW3ETIY8nYk9aJWuwHmukqGe8hx7XYE_jlWLn7q0&google_hm=Q0FFU0VHOFAybmRxZTV2Rm...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLTDWTZyIXBNW98Bu_6f7aSMFsn2BfB4otl5IhB6o75IgkyhptAQwDKW3ETIY8nYk9aJWuwHmukqGe8hx7XYE_jlWLn7q0&google_hm=Q0FFU0VHOFAybmRxZTV2RmRRQ01sOEFiS3JR
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H2
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:25 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLTDWTZyIXBNW98Bu_6f7aSMFsn2BfB4otl5IhB6o75IgkyhptAQwDKW3ETIY8nYk9aJWuwHmukqGe8hx7XYE_jlWLn7q0&google_hm=Q0FFU0VHOFAybmRxZTV2RmRRQ01sOEFiS3JR
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1AE0
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPI1r8JblkrfRUtGFIhLEcF12F9Y4hHKoZMbPPEF8PFqVM1-lWR5Ajl-92Xrc2fk90NDG__TTaUx6c8DyxAv12CGXJsuEro&google_gid=CAESEPd6GVsLIIA2l5Ak5hL1gvk&goog...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIr2yo8GEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBJMXI4SmJsa3JmUlV0R0ZJaExFY0YxMkY5WTRoSEtvWk1iUFBFRjhQRnFWTTEtbFdSNUFqbC05MlhyYzJmazkwTkRHX19UVGFVeDZjOER5eE...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbGJRN081S0VWaFhRZWR5WmQ2MlhLanVpOHR5UVd6UHRqQkpXRTQ2ODZ4UQ==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbGJRN081S0VWaFhRZWR5WmQ2MlhLanVpOHR5UVd6UHRqQkpXRTQ2ODZ4UQ==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H3
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 27 Jan 2022 15:32:26 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbGJRN081S0VWaFhRZWR5WmQ2MlhLanVpOHR5UVd6UHRqQkpXRTQ2ODZ4UQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
dds
rtb.openx.net/sync/ Frame 1AE0 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMNSdq2x2EBy_nMBqd6TZI4&google_cver=1&google_push=AYg5qPJd1H3WpxvIIlCNKkAP6lzhGNDwWgExuD7kxzDaX_cg0LcBk4t0HJclveV4RoPvOwhoe-v1CNW-d2n8vRb2mjBLG0PjfGQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
t4m4k4kk73k6e9r02ml5o4dnmtqsusbs
pixel
cm.g.doubleclick.net/ Frame 1AE0
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKMYWPlRSxu4hjeEKy3ENg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKMYWPlRSxu4hjeEKy3ENg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKsutMtTK4xkY1PlWdYh9P7RVk8fP5crRhtDue8bKqt3HWdbblgTtIDmEramdvd2eH2gkcuj9wRSRpnZ2zJcrSV3ORxmwA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H3
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKMYWPlRSxu4hjeEKy3ENg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKsutMtTK4xkY1PlWdYh9P7RVk8fP5crRhtDue8bKqt3HWdbblgTtIDmEramdvd2eH2gkcuj9wRSRpnZ2zJcrSV3ORxmwA
date
Thu, 27 Jan 2022 15:32:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
trk
ag.innovid.com/ Frame 1AE0 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESELmuRRiAyFY7jY-Y42O7R2A&google_cver=1&google_push=AYg5qPJBd8u54k8bz6ZYXDMgAfrY_xuEMr4qpNUwIJecxxV4xOqKG_8372mI0sa5n6EBCJdnGX2OWbEXPTQ4QZR8u9A3McgbaIg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:d24:9302:97b1:15b5:5291:407b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1AE0
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAmeU2UlAOJ-2AZTVMeMMoM&google_cver=1&google_push=AYg5qPKTicY4LE22R8AdrH62...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKTicY4LE22R8AdrH62qRKrIcrBq1-4FkEU1v-vIKNARcb_s59g6TK6TEWd04uNFJX19ZuCW_NXma9GmUpaf2QU5FRcFaA-&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKTicY4LE22R8AdrH62qRKrIcrBq1-4FkEU1v-vIKNARcb_s59g6TK6TEWd04uNFJX19ZuCW_NXma9GmUpaf2QU5FRcFaA-&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H3
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKTicY4LE22R8AdrH62qRKrIcrBq1-4FkEU1v-vIKNARcb_s59g6TK6TEWd04uNFJX19ZuCW_NXma9GmUpaf2QU5FRcFaA-&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Wed, 26 Jan 2022 15:32:26 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1AE0 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J4JFPIe5WmUd36crLsTDB1EQjxXNYm03l1iAzvnn4yBCYbipKYpIBOSzzjtwtgUzaMDoiaFQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1643297544&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1411&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=JiMRJgxfNh&p=https%3A//newsyou.info&dtd=1415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame D2AC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 15:32:26 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame D2AC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 15:32:26 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D2AC 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 22 Jan 2023 15:32:26 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame D2AC 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 22 Jan 2023 15:32:26 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame D2AC 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=Ft_WDDqIuRg9IBP6gwNPNSoSd0XcFm1hCdASqLyUGftlaXw-PEw-SGzBu8cNHU0pbxmJv8IvsBocA3Lny-ITHTFD6qqhx9E_JcUAjCJDEtHXD67OhgdzS-TJW0HSmMhcgbj0upnnNM9zvpsTupIPHQ3RMNKHI6Hh26ETvS-LLNu5wpefeTp45DDFVAVS0j4nZDC0UzxaUeCtaJ45LD9bH4J45SP_6VKLBZol3zGsfc2t-gzIwQ3C0mFtd2xLCta1AQ0IsjVhKhs-Uu7BgpdP0XdJEt1A7B20q74sPjV2bb_15MciFHuYPhKb8TNGq80Sb82OXXw5eUs_4cZlX8C7vpqylEj3gs7a-nyzKZmN_6SyHL84-hzvjaDJtON-DvoP7EyxRKqhw0qYw-XorQEdR7GBr8OLz-beQ3eb8C7xwIJossDSHRm1GrDE-aW_zix7fOIFgA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:25 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3104539
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame B410 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04a9bf6e7bae14ed12f392b5433187b4470b441fac7cef743c8fbdfacaea444d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 0E2A
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKp3_odNYh1kwGaCAt-22SI&google_cver=1&google_push=AYg5qPL24XbX3UbvcQ7t45drZ-0cVoPC_dDKV7K5AnYQ6Om8gYFH5RrBm6...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL24XbX3UbvcQ7t45drZ-0cVoPC_dDKV7K5AnYQ6Om8gYFH5RrBm6gTGAf8LVS7Uvr-V_y2P4iPB-DvEHMGliwh_9aYLpQy&google_hm=DoNHjO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL24XbX3UbvcQ7t45drZ-0cVoPC_dDKV7K5AnYQ6Om8gYFH5RrBm6gTGAf8LVS7Uvr-V_y2P4iPB-DvEHMGliwh_9aYLpQy&google_hm=DoNHjOtodanECqI026dtAQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL24XbX3UbvcQ7t45drZ-0cVoPC_dDKV7K5AnYQ6Om8gYFH5RrBm6gTGAf8LVS7Uvr-V_y2P4iPB-DvEHMGliwh_9aYLpQy&google_hm=DoNHjOtodanECqI026dtAQ
pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0E2A
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEFlZ7FO4OPz-16Ok4T8qECc&google_cver=1&google_push=AYg5qPJhy5Xs0oSd_qROAM_LaCMWGXSpW_f9HRReOGS9KS177UtvvxAxmy9ZW2pRQNu8yxW1L-X6paqB2z7-qvf9EvqjNgCBgvnq
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJhy5Xs0oSd_qROAM_LaCMWGXSpW_f9HRReOGS9KS177UtvvxAxmy9ZW2pRQNu8yxW1L-X6paqB2z7-qvf9EvqjNgCBgvnq&google_hm=Q0FFU0VGbFo3Rk80T1B6L...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJhy5Xs0oSd_qROAM_LaCMWGXSpW_f9HRReOGS9KS177UtvvxAxmy9ZW2pRQNu8yxW1L-X6paqB2z7-qvf9EvqjNgCBgvnq&google_hm=Q0FFU0VGbFo3Rk80T1B6LTE2T2s0VDhxRUNj
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:26 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJhy5Xs0oSd_qROAM_LaCMWGXSpW_f9HRReOGS9KS177UtvvxAxmy9ZW2pRQNu8yxW1L-X6paqB2z7-qvf9EvqjNgCBgvnq&google_hm=Q0FFU0VGbFo3Rk80T1B6LTE2T2s0VDhxRUNj
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 0E2A 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESELHbEgsu0BIFjc2FY5nboOc&google_cver=1&google_push=AYg5qPLAWs-iKK9rQJkMFOeCsFtQVRr01nrr1erJxGYXz1iWEh9pcHhgnIW2DkgiC-Ja3_WekLczOHKgTXFG1jjR31EeNBEPeX5K
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
m8flso11faogetbur5593vf1p2rtij5j
pixel
cm.g.doubleclick.net/ Frame 0E2A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKMYWPlRSxu4hjeEKy3ENg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKMYWPlRSxu4hjeEKy3ENg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKve9j7JTi9COqWCErAqtkR-7gRtTe1rx60Yo_3i3i5f1pHdpNI5dPanvn7m5Oq-B1hpKIVxwir6n3wqWY9tuuhWuYUDx3_
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKMYWPlRSxu4hjeEKy3ENg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKve9j7JTi9COqWCErAqtkR-7gRtTe1rx60Yo_3i3i5f1pHdpNI5dPanvn7m5Oq-B1hpKIVxwir6n3wqWY9tuuhWuYUDx3_
date
Thu, 27 Jan 2022 15:32:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0E2A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJpdbe0hrlNoCiKCkdJCOXM&google_cver=1&google_push=AYg5qPIV3H0gslk1b-5WuMD9OzyIfEdo1LF9aJ5oRvx6KLSbrj1NP96aHQbYIX8E78ZdYOlIO_9...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYNFhIVFItMTgtODNXSQ==&google_push=AYg5qPIV3H0gslk1b-5WuMD9OzyIfEdo1LF9aJ5oRvx6KLSbrj1NP96aHQbYIX8E78ZdYOlIO_9zgkMnBoISz4rHAvAUytwP5Vet
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYNFhIVFItMTgtODNXSQ==&google_push=AYg5qPIV3H0gslk1b-5WuMD9OzyIfEdo1LF9aJ5oRvx6KLSbrj1NP96aHQbYIX8E78ZdYOlIO_9zgkMnBoISz4rHAvAUytwP5Vet
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYNFhIVFItMTgtODNXSQ==&google_push=AYg5qPIV3H0gslk1b-5WuMD9OzyIfEdo1LF9aJ5oRvx6KLSbrj1NP96aHQbYIX8E78ZdYOlIO_9zgkMnBoISz4rHAvAUytwP5Vet
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0E2A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ9...
0
0
trk
ag.innovid.com/ Frame 0E2A 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEEncSUQgXW93GsXyb1Cg85s&google_cver=1&google_push=AYg5qPIz-Nt4KM6OvYswfzf2JcldA-zv7lKfauBWgvc7cWcMJwH62XXoEBKqZN89qrAsT6eadfRby3JoQvJA-m66RpekqWXlbYoh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:d24:9302:97b1:15b5:5291:407b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 0E2A 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNRrC0kETtPxgXhemRK1wJXCbpPLofcDfbR-NNo9XXS4zDdyMo7fAnTtzXe38JPzUqc_4i
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 497A
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBVDsNem3y_d5rhB9UDxA1E&google_cver=1&google_push=AYg5qPJUBOpOXPTX_486HD0G43NXua98tS47um50aV7B2xnYV6uXGlSKMs...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJUBOpOXPTX_486HD0G43NXua98tS47um50aV7B2xnYV6uXGlSKMsYeQD9GCW5bFM20Z_FeK9YHUV22bUATqULQzVVZzD8&google_hm=DoNHjOt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJUBOpOXPTX_486HD0G43NXua98tS47um50aV7B2xnYV6uXGlSKMsYeQD9GCW5bFM20Z_FeK9YHUV22bUATqULQzVVZzD8&google_hm=DoNHjOtodanECqI026dtAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1643297544&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1589&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=3390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=lWmNVgJi3G&p=https%3A//newsyou.info&dtd=1599
Protocol
H3
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJUBOpOXPTX_486HD0G43NXua98tS47um50aV7B2xnYV6uXGlSKMsYeQD9GCW5bFM20Z_FeK9YHUV22bUATqULQzVVZzD8&google_hm=DoNHjOtodanECqI026dtAQ
pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 497A 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K44osJcY0t9bB9pzNtKKlk_-SAZTtV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1643297544&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543217&bpp=1&bdt=746&idt=1589&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=3390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=lWmNVgJi3G&p=https%3A//newsyou.info&dtd=1599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 3627
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBVDsNem3y_d5rhB9UDxA1E&google_cver=1&google_push=AYg5qPL5drHqebIru185bXoIRr2eWng64BiUswNR1zN2BOZ_MBqCdbiTXk...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL5drHqebIru185bXoIRr2eWng64BiUswNR1zN2BOZ_MBqCdbiTXkyzrF8dkXavacpV_RlBQEfbdWU8qMwltQnq6SoDFHLP4w&google_hm=DoNH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL5drHqebIru185bXoIRr2eWng64BiUswNR1zN2BOZ_MBqCdbiTXkyzrF8dkXavacpV_RlBQEfbdWU8qMwltQnq6SoDFHLP4w&google_hm=DoNHjOtodanECqI026dtAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3378422422&pi=t.ma~as.6825749971&w=300&lmt=1643297545&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543218&bpp=1&bdt=748&idt=1774&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=WS9I9YxzGn&p=https%3A//newsyou.info&dtd=1794
Protocol
H3
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL5drHqebIru185bXoIRr2eWng64BiUswNR1zN2BOZ_MBqCdbiTXkyzrF8dkXavacpV_RlBQEfbdWU8qMwltQnq6SoDFHLP4w&google_hm=DoNHjOtodanECqI026dtAQ
pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3627 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ia-7ODAuyq0xZ1k2YXDXpRSigkBzk0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3378422422&pi=t.ma~as.6825749971&w=300&lmt=1643297545&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543218&bpp=1&bdt=748&idt=1774&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=WS9I9YxzGn&p=https%3A//newsyou.info&dtd=1794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 0948 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBVDsNem3y_d5rhB9UDxA1E&google_cver=1&google_push=AYg5qPLwzsweaIf6z3GbQKdW9mqE7PQJ_6JJXn0KOk5XBfGuQRWKcZBu2K-bdw9W4cspXH2pLPOYaI0k7eXekETw8cZrV7FnGnE9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0948 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JD7ZyRb-P_9yzxCtQE_wbUb6dB504-
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame AE07 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 27 Jan 2022 15:32:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4799860
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKa7wKcR7S0hUrq4oHfgAr1UQSy91I%2F74k1LShfCOb%2FUS3qonDhco3KFScHV7pLMmHtDh5iBXaPHD9E6RnscfYJ5ZeNv%2FTOKzqdkWiqzZeTr9d1BjZ3TTHktnG%2BuXLSzG8REjKnwkwT5b2s38W2eJdqa"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6d4308a1b8dc3746-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
truncated
/ Frame A127 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
811d8a98333497981c83c099fbd4f0efac7a253043d1d2fa3beb4ddd551039e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
informer
data.24smi.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1643297545&ptz=0&pl=en-US&object=14482&template_id=783&num=3&ref=&output=json&chash=bWU8CEQzVw&extids=&callback=__smiCb1643297543637
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Nootdorp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
74368695b5af312a44e53a8968969b6bcd5c62eaf30e6f66e2a8911aaf076aa2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cdnf.js
pix.adrta.com/ Frame 4C7A 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.adrta.com/cdnf.js?v=22.90
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/s/bzk/aa.js?cb=540a1a6698863406949aa8eb7df496f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06432589bb496ce3791bde5ffbbe85f108a1193d939bb2bbf3a48edef277a08e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
gQKNnPDF2oRplSlO3PhR6NV_ppMFdCpa
content-encoding
gzip
last-modified
Sat, 04 Dec 2021 05:41:34 GMT
server
AmazonS3
age
63643
etag
W/"684ed23431ba46a7fc6c71928e6e4ded"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
date
Wed, 26 Jan 2022 21:51:45 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
KMHClGE7Lbm4nzJtv4X608gtdPWLHrLsVu7kV5bFCASfCqgakkyMIQ==
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0103
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543214&bpp=1&bdt=743&idt=1031&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x379&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1CO3nBI9G5&p=https%3A//newsyou.info&dtd=1037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 27 Jan 2022 15:32:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 27 Jan 2022 15:32:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 27 Jan 2022 15:32:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 2705 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 15:16:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:26 GMT
38170-440544-i7A.jpg
i.mixadvert.com/8174/38170/ Frame 2705 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-440544-i7A.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
7b69b7aa20f78f4f3d34340188accae54f1135fc5862fa4cc8c225f56e2fb77f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Tue, 28 Dec 2021 11:57:47 GMT
Server
nginx/1.12.1
ETag
"61cafbbb-478f"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18319
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-441677-fiH.jpg
i.mixadvert.com/8174/38170/ Frame 2705 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-441677-fiH.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
c1b9570fbda05a8c7581fca7882e8337cf26285ae607b2ba040c7805ff7b79f4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Tue, 25 Jan 2022 10:43:13 GMT
Server
nginx/1.12.1
ETag
"61efd441-4c92"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19602
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-440546-D9b.jpg
i.mixadvert.com/8174/38170/ Frame 2705 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-440546-D9b.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
c6f7e013559d55c96d0175a0fe0b25bfc684cf6db0a2e2c1dc1efeca8ac5942b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Tue, 28 Dec 2021 11:58:21 GMT
Server
nginx/1.12.1
ETag
"61cafbdd-7f40"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32576
Expires
Thu, 31 Dec 2037 23:55:55 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CF2A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1643297544&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543215&bpp=1&bdt=745&idt=1194&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=MHhd45fTMT&p=https%3A//newsyou.info&dtd=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 27 Jan 2022 15:32:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 27 Jan 2022 15:32:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 27 Jan 2022 15:32:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
frame.html
ad4m.at/ Frame 5FAF 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires
Thu, 27 Jan 2022 16:32:26 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
2121960
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFK4%2FtC42U49eXW0RXTnS3QHq50fv43rr5znMUC4cezyJH4Xel09GGrNBUAdzOg%2FhmP32aNHi7wiDX4y7smlILNe%2FlJBD3H7CT4%2FqdEbsFX4hI7BmTeAb0nRJcTjCGq9k903Mpo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6d4308a15a2459e3-MXP
content-encoding
br
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A2E7 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 27 Jan 2022 15:32:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4799860
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnwswX73dGVxaIq0IPKHvlAcGZsUC4aHI%2FMvyTnFElEiRuYiCKhk6bS2YrDEbcC2QJkt6l8kwvAC2UYwe1ekGwRUR%2F3LlofRlNrC6GlwuxXOHoyuycZMAf0D%2BwwyGu2%2FGQt2uIJWEomS94W%2FWMpDtYjA"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6d4308a1b8e33746-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
block_head.png
mixadvert.com/images/logo/ Frame 2705 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/images/logo/block_head.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.site.badvps.com
Software
nginx/1.12.1 /
Resource Hash
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Fri, 17 Jul 2020 13:11:36 GMT
Server
nginx/1.12.1
ETag
"5f11a388-53bf"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21439
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D2AC 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
260740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfG2k3XNflowRcYn%2FlDhpI5V%2FztKwn3%2F3gygtJ7wzxYtFqyPrq0pWKtAbi%2BBU4QqwP2BoWJHRXRsty1u0jqwFeaN22TWRuykdjxyhQsGH956j5IzVIcjjAviYfcJrrmmNGpPaqifwgIOy%2FqNKkOd11wi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d4308a22f953756-MXP
expires
Tue, 17 Jan 2023 15:32:26 GMT
animejs.js
static.criteo.net/animejs/ Frame D2AC 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 15:32:26 GMT
38170-441677-fiH.jpg
i.mixadvert.com/8174/38170/ Frame 588B 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-441677-fiH.jpg
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/load/?id=5709&id_name=dbAkk&teaser_name=ssfthyR&block_name=pBBrjY&ban_teaser=&r=0.4252088532038807&host=newsyou.info&ref=https://newsyou.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
c1b9570fbda05a8c7581fca7882e8337cf26285ae607b2ba040c7805ff7b79f4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Tue, 25 Jan 2022 10:43:13 GMT
Server
nginx/1.12.1
ETag
"61efd441-4c92"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19602
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-440546-D9b.jpg
i.mixadvert.com/8174/38170/ Frame 588B 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-440546-D9b.jpg
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/load/?id=5709&id_name=dbAkk&teaser_name=ssfthyR&block_name=pBBrjY&ban_teaser=&r=0.4252088532038807&host=newsyou.info&ref=https://newsyou.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
c6f7e013559d55c96d0175a0fe0b25bfc684cf6db0a2e2c1dc1efeca8ac5942b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Tue, 28 Dec 2021 11:58:21 GMT
Server
nginx/1.12.1
ETag
"61cafbdd-7f40"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32576
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-440544-i7A.jpg
i.mixadvert.com/8174/38170/ Frame 588B 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-440544-i7A.jpg
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/load/?id=5709&id_name=dbAkk&teaser_name=ssfthyR&block_name=pBBrjY&ban_teaser=&r=0.4252088532038807&host=newsyou.info&ref=https://newsyou.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
7b69b7aa20f78f4f3d34340188accae54f1135fc5862fa4cc8c225f56e2fb77f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Tue, 28 Dec 2021 11:57:47 GMT
Server
nginx/1.12.1
ETag
"61cafbbb-478f"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18319
Expires
Thu, 31 Dec 2037 23:55:55 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 891D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 27 Jan 2022 15:32:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4799860
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IicCL1u1Wb0X%2BCZLx5YzVhhI8BrhseIZ8lr5fIOEuk%2BEqSmWAa9b961Mkzx5GECpp9S9XP40Fu8agQDtSzvcR7OzCA7tt%2Fxqye4euLBHZe34XLxuprt%2FDi3jyGKPZkNbSiBsAPsqr1XKT83rT5fCZ%2FAM"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6d4308a1c90e3746-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 1D76 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h6kamkccfyxw7hac41av5cdjdyasy2vd9q5whb57yaf8bqqmkhr6tv8h7g6jnv3brks51sp6yf2ascnty6s0gv2fw701p53eyrp7044a1y0p9ja2gdtbnwjgmf3q8fprgpsfavxy16zyztsg0htxkc403xx3es1xvzdspm1dtwh212pwhbjm22sm5j2wpsw9b0srzm0g75gcfn9rz6ng7ef49h0673mxyatj4jfb95zqwcam1snz945ee2k1f7rx5e6ng0m60hrnhjyatsjr9g6r0yd7qx5bf8zvyt3xhfq78dvvsktgwxtf9zpp5zsckhj9b91nas8k9qgbngdp5zvc6wrct9kbncdm30fp8tcgy24hjdy17kg7ran9qz9fej5cqdy154sf350y8wgyh6xkyr8eac7ek99jzf0w3jj52ygg0jw0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h6kamkccfyxw7hac41av5cdjdyasy2vd9q5whb57yaf8bqqmkhr6tv8h7g6jnv3brks51sp6yf2ascnty6s0gv2fw701p53eyrp7044a1y0p9ja2gdtbnwjgmf3q8fprgpsfavxy16zyztsg0htxkc403xx3es1xvzdspm1dtwh212pwhbjm22sm5j2wpsw9b0srzm0g75gcfn9rz6ng7ef49h0673mxyatj4jfb95zqwcam1snz945ee2k1f7rx5e6ng0m60hrnhjyatsjr9g6r0yd7qx5bf8zvyt3xhfq78dvvsktgwxtf9zpp5zsckhj9b91nas8k9qgbngdp5zvc6wrct9kbncdm30fp8tcgy24hjdy17kg7ran9qz9fej5cqdy154sf350y8wgyh6xkyr8eac7ek99jzf0w3jj52ygg0jw0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
83240
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 26 Jan 2022 16:25:06 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6d4308a1cbc659e3-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 1D76 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h6kamkccfyxw7hac41av5cdjdyasy2vd9q5whb57yaf8bqqmkhr6tv8h7g6jnv3brks51sp6yf2ascnty6s0gv2fw701p53eyrp7044a1y0p9ja2gdtbnwjgmf3q8fprgpsfavxy16zyztsg0htxkc403xx3es1xvzdspm1dtwh212pwhbjm22sm5j2wpsw9b0srzm0g75gcfn9rz6ng7ef49h0673mxyatj4jfb95zqwcam1snz945ee2k1f7rx5e6ng0m60hrnhjyatsjr9g6r0yd7qx5bf8zvyt3xhfq78dvvsktgwxtf9zpp5zsckhj9b91nas8k9qgbngdp5zvc6wrct9kbncdm30fp8tcgy24hjdy17kg7ran9qz9fej5cqdy154sf350y8wgyh6xkyr8eac7ek99jzf0w3jj52ygg0jw0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16284
x-guploader-uploadid
ADPycdsoLgx8n7jiyPdzdqiZQ5pie9d6qWkEeBXSxQHaDB9ri_PQZAsJo6gOrp8p0Ozux54M8eJ7NVBSc4Ny9jpqepI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 11:00:45 GMT
server
cloudflare
etag
W/"25dab5d0aa24f68116270a61c758162f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHjYZ1dvISSJ%2FNDNqXlhv%2BstwGrfOknu%2F4GtfdU8D1jr3oOhJ1qXRqnWcq7361JrCBq5Sr%2BLlywC4ph6fIb21MnwiuM9mCoxX6wCth154uf%2FtQQRME33t7p13Hj2VpKhcT9RBq0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643194845770575
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11870
cf-ray
6d4308a1cbc859e3-MXP
expires
Thu, 27 Jan 2022 11:01:02 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 34D5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 15:32:26 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 34D5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 15:32:26 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 34D5 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 22 Jan 2023 15:32:26 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 34D5 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 22 Jan 2023 15:32:26 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 34D5 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=GLJlMwHbIRnoGeKlU3uCLY8ITtNLKrK_KTB2NEFbSYVjbLh9LhsTFY2lo1jUdDCvgKpb5EMuhao-CcD0ssawsq4hmxFI9p_s1FkeY2z5CCxzpD-RXMqRbXzn7ftYW5kvjS_1dtx3jNkCjBSJg591Ke0Tv02ogCgs-CMUlwQZvaiipjB6b1gOztXSxriqDYkQxOrgzYJoZdEUL4T4koigkHn53pVmavOuAwxMMgx4n5kBtgZMRsF6Cl3kMcQ4KI1OXYUnmO4qF26EHdEwmGVdTSzaSSN-RI9Vof8iVua2CpL7xr2SQzw2pNnXVAxKxVsbOn_70lH3s44UtzwRzUh6xClii3sTbNbHZXeGqSt-fE9YY5K6xCguLMtH1TybwYB9h1_DF-XW0jNwe7ihgAsEN3UD0iZzuN6xe1tLd3V2pg_wBWj7atGp7-zkgonybuFloAOlRA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2551945
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2705 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:59:49 GMT
x-content-type-options
nosniff
age
160357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 18:59:49 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2705 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 12:42:17 GMT
x-content-type-options
nosniff
age
442209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 22 Jan 2023 12:42:17 GMT
block_head.png
mixadvert.com/images/logo/ Frame 588B 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/images/logo/block_head.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.site.badvps.com
Software
nginx/1.12.1 /
Resource Hash
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:26 GMT
Last-Modified
Fri, 17 Jul 2020 13:11:36 GMT
Server
nginx/1.12.1
ETag
"5f11a388-53bf"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21439
cors
data.ad-score.com/data/ Frame 4C7A 		50 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RNCwshxGaoiHKSgPaMfsXOCsYoMAZmxT-FE7fPshldVrrKDwY3nLIGkLGNA==-E0zFP89kalvmMg==&pm_ct=eefdcd39b2f2602992c865f7&pm_pl=1643297546623&pm_td=9&pid=1000787&en=1.1&callback=__pm_glbl_FC849qYWgypsJ5f9FSrJCJSU._gc1&v=1f9f249
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
0274d2561bec3ab100d1bc6bdedf3a1826e7d038fcb8345201a6e393c8d34bdb

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:27 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://newsyou.info
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
50
x.html
js.ad-score.com/ Frame 7547 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?pid=1000787
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fb875858831be2686e67ca7dd51f69ec152d5cc08144ffdae6286b793c579467

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Encoding
gzip
Last-Modified
Wed, 26 Jan 2022 21:14:43 GMT
Date
Wed, 26 Jan 2022 21:19:04 GMT
X-Cache
Hit from cloudfront
Via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
X-Amz-Cf-Id
Pl3Ok54HsUgfJiQhKZxFRe9RnVKbW89dsvIE2kVyfo3zmsvmoSAzVA==
Age
65602
truncated
/ Frame 1C97 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4C7A 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DD16 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 27 Jan 2022 15:32:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20055147
x-guploader-uploadid
ABg5-UxSjUjrRZn0Qh0o7bl53fEaHcVGOMgniw-BD1hW-i7497grr2ADHPnjcztxMTwRF-eAuQva7DgEToW9nRlk5Ok
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGF7OZ%2BvjcvFOKY9UWgONTyTRWjPwQKoTBOF5MNu5HVl3pACezq6WFO0Y%2Bhy1gJIAsZDAx38LakZ8vBiFX7aoWVd9TcL1OTVBAP1zOG6X7nff3nIyRObyAvL7tUv3q3WThVFstXrZ92bZ1V9sO31RQEK"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6d4308a3de950e1e-MXP
expires
Thu, 09 Jun 2022 12:39:07 GMT
frame.html
ad4m.at/ Frame C6F0 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires
Thu, 27 Jan 2022 16:32:26 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
2121960
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMIOaj59TAMg6EV7iKSXoFF%2B9Ip%2FHmhdDfVmgycI7dAtfeNft3A6jAu115pirMs%2FTaZee5GPcGWidhBVNXmUDbdUk0dh8yh9ijh0dgOyCaSQ6B3hDtFVX4p5Wto6W%2FINPTBUm%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6d4308a3793759e3-MXP
content-encoding
br
img
pix.eu.criteo.net/img/ Frame D2AC 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=244&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=196&s=Y8QTAylViRXd_YhTvIqILQK5
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 09:33:55 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
280710
vary
Origin
x-cache
hit
content-type
image/png
cache-control
public, max-age=31071480
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
11345
expires
Thu, 19 Jan 2023 00:31:57 GMT
img
pix.eu.criteo.net/img/ Frame D2AC 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1569095-_x600-nocrop.jpg&v=3&w=400&s=lym3S3coXHcKJSi1Vr8_xuQz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fed4e028d93691a9c5f12b2bdbb0ecf1c903918f313fdf3441b4028a0cbcd079
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 10:11:17 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
278468
vary
Origin
x-cache
hit
content-type
image/webp
cache-control
public, max-age=31389809
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
59996
expires
Sun, 22 Jan 2023 17:34:47 GMT
img
pix.eu.criteo.net/img/ Frame D2AC 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&v=3&w=400&s=U50QBZteurZUBwwnN0OH3RYn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
260152ce49fdbda7b0f1e2f69d61ce39ba49de9a161971192cdf63af15207dbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 09:16:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
281781
vary
Origin
x-cache
hit
content-type
image/webp
cache-control
public, max-age=31358720
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
70472
expires
Sun, 22 Jan 2023 08:01:25 GMT
img
pix.eu.criteo.net/img/ Frame D2AC 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=400&s=BSa_CYNiehYpKpTcNn2jt3hT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4fb565264af26107bb37b1e495c4b4bf768cf212d74a9eb357249a67b5e64923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 09:15:34 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
281811
vary
Origin
x-cache
hit
content-type
image/webp
cache-control
public, max-age=31381877
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
67290
expires
Sun, 22 Jan 2023 14:26:52 GMT
img
pix.eu.criteo.net/img/ Frame D2AC 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1303321-_x600-nocrop.jpg&v=3&w=400&s=LTqXUWGTgO_4Ogiva0Y8rLDN&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6055024f7bfc6b5681f10a75e7d2c8f8ab556572613db77d9e8618181950e91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 10:00:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
279106
vary
Origin
x-cache
hit
content-type
image/webp
cache-control
public, max-age=31374649
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
55562
expires
Sun, 22 Jan 2023 13:11:30 GMT
all
csm.eu.criteo.net/ Frame D2AC 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=C3twvH_YWwLOacetzAtVMyHo2kIFieVZdTWxeIISAK2Afa63xUaCHa056XKjfdolWRycl4B-UH9fzjJWfHqMtOyfavs1Ki60GRqyMrB_cDQ5c_f-rTPKB79SqNLaWyWtJItJW24xI-7rrkuPw9M7eohqy0gmjuH4dOYJEe5Av_NdPMqgqKUIU2b0TfzqBfHl9WX_eGetk1ufXYRqcw8Y1YTFE0mwbZDT7UhtWwF18vNDlm7YCCeos1p8TJk76442ZZCaaRGzl7lvmCI_&sds=2&rev=80217&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:26 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D2AC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 15:32:26 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D2AC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 15:32:26 GMT
frame.html
ad4m.at/ Frame 5066 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires
Thu, 27 Jan 2022 16:32:26 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
2121960
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DPYFzJ2KKtFKTaStf%2FwpjH%2FtxE4UghgMn15BX0GBUlIJZQ1tkpaWG4EqdkImzS%2Fuchvx43KS8Oe5VpYr0Mraf0s%2FIOkT%2B7OKsXWSnFg5Kc5e%2FTYGiwhjaHm7kocxDnXR%2FiAGNE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6d4308a3a9d059e3-MXP
content-encoding
br
ce07f4f5-f9e8-4a5d-84df-7d2d611bb346
https://newsyou.info/ Frame 4C7A 		10 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://newsyou.info/ce07f4f5-f9e8-4a5d-84df-7d2d611bb346
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b2b81b66c6fc3f222898b941077bc356faabb7b3509f9b9378f0d41f0d06dc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
10556
Content-Type
text/javascript
9304999a-1fb2-448b-99d6-ca37d76dc696
https://newsyou.info/ Frame 4C7A 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://newsyou.info/9304999a-1fb2-448b-99d6-ca37d76dc696
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
cors
data.ad-score.com/data/ Frame 4C7A 		1 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RNCwshxGaoiHKSgPaMfsXOCsYoMAZmxT-FE7fPshldVrrKDwY3nLIGkLGNA==-E0zFP89kalvmMg==&pm_ct=eefdcd39b2f2602992c865f7&pm_pl=1643297546623&pm_td=259&pid=1000787&en=1.1&callback=__pm_glbl_FC849qYWgypsJ5f9FSrJCJSU._gc2&v=1f9f249
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://newsyou.info
Date
Thu, 27 Jan 2022 15:32:27 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/ Frame 4C7A 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
frame.html
ad4m.at/ Frame 2081 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires
Thu, 27 Jan 2022 16:32:26 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
2121960
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CH%2Bn1V3Yb2l%2BvOHT19aIIOMAwiWHXUcdb39u3WfYuhBX3xCDcY33LrqtQscSOTP%2FdmlWta6ehF2o2pisJGHOsUwIdtxtq%2Ba2fqT6kZffp%2BotXUrJlII5wKlD5kaYfBoKDtnU3Sc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6d4308a45c1b59e3-MXP
content-encoding
br
match
ads.betweendigital.com/ Frame 0D68
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D9c4433cc-c82f-4416-9bab-dec64166040...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=922f61f2-bb0a-4200-bb27-77e84cf59b91&expires=30&ssp=between&bsw_param=9c4433cc-c82f-4416-9bab-dec64166040d&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
188.42.29.166 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d
Date
Thu, 27 Jan 2022 15:32:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3046
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBVDsNem3y_d5rhB9UDxA1E&google_cver=1&google_push=AYg5qPINxIyVeQgRwZ_DZLBCgVz0jogzlxZbIdGh3-bWSFRUeakFNpKpns...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPINxIyVeQgRwZ_DZLBCgVz0jogzlxZbIdGh3-bWSFRUeakFNpKpnsw-ouY6YZbA2Bs5hlUQB73jsyAy9uOYcRKjKae5qtQ&google_hm=DoNHjOt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPINxIyVeQgRwZ_DZLBCgVz0jogzlxZbIdGh3-bWSFRUeakFNpKpnsw-ouY6YZbA2Bs5hlUQB73jsyAy9uOYcRKjKae5qtQ&google_hm=DoNHjOtodanECqI026dtAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5043674373&adk=2859039&adf=3787344686&pi=t.ma~as.5043674373&w=336&lmt=1643297545&psa=0&format=336x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2004&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3234&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=46xgQ1pGKR&p=https%3A//newsyou.info&dtd=2009
Protocol
H3
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPINxIyVeQgRwZ_DZLBCgVz0jogzlxZbIdGh3-bWSFRUeakFNpKpnsw-ouY6YZbA2Bs5hlUQB73jsyAy9uOYcRKjKae5qtQ&google_hm=DoNHjOtodanECqI026dtAQ
pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3046 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0jfkRLb7verzF69ErVLYMUQ2Rnr5o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5043674373&adk=2859039&adf=3787344686&pi=t.ma~as.5043674373&w=336&lmt=1643297545&psa=0&format=336x300&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2004&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3234&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=46xgQ1pGKR&p=https%3A//newsyou.info&dtd=2009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 34D5 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
260740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJhhpsPOl12u4%2FllAFRprTODV2pSoGDF6iEg1qqxY%2FO2fFp0PUUzHPxIzhIetXY0CM2LFFsWoIeW1m4V7%2FXlf2uFg0C3PPAxmF4Bmv4K%2BlzdBwZq1O9WS78EFBoAK98W5Lhy%2BhU84%2BBCs5IdQMYDkmyn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d4308a46c983756-MXP
expires
Tue, 17 Jan 2023 15:32:26 GMT
animejs.js
static.criteo.net/animejs/ Frame 34D5 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 15:32:27 GMT
pixel
cm.g.doubleclick.net/ Frame 55C0
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBVDsNem3y_d5rhB9UDxA1E&google_cver=1&google_push=AYg5qPK8YarL71T3PjTob_MW4PTaRk2k3wPdDhzctmsN39viy7sV0cnw7E...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK8YarL71T3PjTob_MW4PTaRk2k3wPdDhzctmsN39viy7sV0cnw7Edv5owaVmdEC58hbjlj6MNHb1mVbTUcOtVYlNOUXQOr&google_hm=DoNHjO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK8YarL71T3PjTob_MW4PTaRk2k3wPdDhzctmsN39viy7sV0cnw7Edv5owaVmdEC58hbjlj6MNHb1mVbTUcOtVYlNOUXQOr&google_hm=DoNHjOtodanECqI026dtAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=3366303577&adk=4264282029&adf=1531042278&pi=t.ma~as.3366303577&w=300&lmt=1643297545&psa=0&format=300x280&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2217&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600%2C336x300%2C1005x124&nras=2&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=12&uci=a!c&fsb=1&xpc=PqLnFXzueD&p=https%3A//newsyou.info&dtd=2221
Protocol
H3
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK8YarL71T3PjTob_MW4PTaRk2k3wPdDhzctmsN39viy7sV0cnw7Edv5owaVmdEC58hbjlj6MNHb1mVbTUcOtVYlNOUXQOr&google_hm=DoNHjOtodanECqI026dtAQ
pragma
no-cache
date
Thu, 27 Jan 2022 15:32:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 55C0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXWcQUkaioxhBIsZVa767FXFylgRu3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=3366303577&adk=4264282029&adf=1531042278&pi=t.ma~as.3366303577&w=300&lmt=1643297545&psa=0&format=300x280&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543219&bpp=1&bdt=749&idt=2217&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300%2C300x600%2C336x300%2C1005x124&nras=2&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=12&uci=a!c&fsb=1&xpc=PqLnFXzueD&p=https%3A//newsyou.info&dtd=2221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.14.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lt-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 11:06:27 GMT
x-content-type-options
nosniff
age
102359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 11:06:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 05:33:18 GMT
x-content-type-options
nosniff
age
122348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 05:33:18 GMT
cors
data.ad-score.com/data/ Frame 4C7A 		1 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RNCwshxGaoiHKSgPaMfsXOCsYoMAZmxT-FE7fPshldVrrKDwY3nLIGkLGNA==-E0zFP89kalvmMg==&pm_ct=eefdcd39b2f2602992c865f7&pm_pl=1643297546623&pm_td=372&pid=1000787&en=1.1&callback=__pm_glbl_FC849qYWgypsJ5f9FSrJCJSU._gc3&v=1f9f249
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://newsyou.info
Date
Thu, 27 Jan 2022 15:32:27 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame DB66 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDa00sCZ7eFnYDV08UAsqQSEZ0QweJcYDmW_sPD9ky7klm7A8cnpQzjuYxPlillndbGA8L_-JdyiKCA3sqVkrQNw&sig=Cg0ArKJSzGOEFK92RauWEAE&cid=CAASF-RoNbe_TARxvHcngRax7KS4qnw5HUhR&id=lidar2&mcvt=1121&p=0,0,250,300&mtos=1121,1121,1121,1121,1121&tos=1121,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=895116589&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643297544499&rpt=1327&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pix.eu.criteo.net/img/ Frame 34D5 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=400&s=BSa_CYNiehYpKpTcNn2jt3hT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4fb565264af26107bb37b1e495c4b4bf768cf212d74a9eb357249a67b5e64923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 09:15:34 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
281811
vary
Origin
x-cache
hit
content-type
image/webp
cache-control
public, max-age=31381877
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
67290
expires
Sun, 22 Jan 2023 14:26:52 GMT
img
pix.eu.criteo.net/img/ Frame 34D5 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=116&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=668&s=sANWOVUmecO6EnWKdObAApUo
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfc4d20d13a3ff3ff75021c5a5aea730ee3898b7c9199a8422f84ff6c3c7c7c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 09:40:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
280314
vary
Origin
x-cache
hit
content-type
image/png
cache-control
public, max-age=28391728
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
26606
expires
Mon, 19 Dec 2022 00:16:01 GMT
img
pix.eu.criteo.net/img/ Frame 34D5 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1842878-_x600-nocrop.jpg&v=3&w=400&s=pMo3gbGUQyx_0jA7WtoPGj6D&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
8a98fdda5bdd8393a234b00a122160f86caa54743845d4ef8eeaf34bed1b0934
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 09:25:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
281197
vary
Origin
x-cache
hit
content-type
image/webp
cache-control
public, max-age=28762490
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
45858
expires
Fri, 23 Dec 2022 07:00:40 GMT
img
pix.eu.criteo.net/img/ Frame 34D5 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1200063-_x600-nocrop.jpg&v=3&w=400&s=YaZuCoBZd_pRCX6Q8f2oRaMQ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
97a12eedbfeb92109fff2886ace297b87baaf1a346459724dd3387355592d772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 10:00:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
279127
vary
Origin
x-cache
hit
content-type
image/webp
cache-control
public, max-age=31362313
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
43238
expires
Sun, 22 Jan 2023 09:45:33 GMT
img
pix.eu.criteo.net/img/ Frame 34D5 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1869280-_x600-nocrop.jpg&v=3&w=400&s=_BOKbeajDOx6IHyVWu03i-gB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
42c1bc55a67369b68ff20d684d3be5182c5eabc3ba7e888d7ff1850043b4c09b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 10:13:57 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
278308
vary
Origin
x-cache
hit
content-type
image/webp
cache-control
public, max-age=31354463
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
30204
expires
Sun, 22 Jan 2023 07:48:21 GMT
all
csm.eu.criteo.net/ Frame 34D5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=2VFZqn_YWwLOacetTeKiU6jXClXWYaPWnfrFdt6G92lPUnUvnjsXu8cZGk-8HTaX23BS750Zcp3xzgDUEeA9hcLbHCR6BYD3p3MeLcGlognWqHXioUQ292EL73lfHka2pSxOQTRO_wD5G6aHv6gH1bEsuedc2wRzjlFiZrFQWBBnzeMFFPPYY5E0DXI7xZ_JTrBtCFEewbbG-BcYeQYRN93teb_B5gk-9tp1NW5K7cnRD0bi6VSZbLeDRhiy_PtTN0UL9TPOPZNunN73&sds=2&rev=80217&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:26 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 34D5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 15:32:27 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 34D5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 15:32:27 GMT
frame.html
ad4m.at/ Frame 083C 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires
Thu, 27 Jan 2022 16:32:27 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
2121961
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCZE%2F%2FsG3DA0NjVnh6BIpkBf%2FhyXS3IYxrBVaLP%2B6wqpHm6ZaLjW52123Fn8RdQbtr1p23ryN0krdLc6RblVSPQmzGiO4Rxbf0Dc%2FzISFULkDDpS%2FVUnDd66KTkrbEEEzv6XGnU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6d4308a53f2f59e3-MXP
content-encoding
br
css
fonts.googleapis.com/ Frame D2AC 		2 KB
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:17:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:27 GMT
b6b214d14f5cf68bd56e5bd50c5acaa3.jpeg
img.servestatic.net/300_300/b/6/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.servestatic.net/300_300/b/6/b6b214d14f5cf68bd56e5bd50c5acaa3.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dda309f29ad8d597bc83025e42ef7185f4433811c1dcb78368d5c1d9d231ac48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
156571
cf-polished
degrade=85, origSize=38055, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23791
last-modified
Tue, 25 Jan 2022 19:14:02 GMT
server
cloudflare
etag
"61f04bfa-94a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4F%2FyaLDtMCRXsz%2BEDt0d1keuQX0sHzI74BKyq2UNU5OoOKe3QeD45qeQ99t3QhYuNvmcQTqdj8ljP2sIQO5BYxU6SJinY1i7FF2J5iwagcEv9GeDOXPEiunJ1dgGlYwTvFf0l3kS19cp%2FjBCaHNzCXc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 27 Jan 2022 20:02:56 GMT
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6d4308a5d8e583ba-MXP
cf-bgj
imgq:85,h2pri
ae7d136fece92e80059e84c05336e9d2.jpeg
img.servestatic.net/300_300/a/e/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.servestatic.net/300_300/a/e/ae7d136fece92e80059e84c05336e9d2.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8fe18ac6f5ce1b917be353b8174d1d8e648abf15bff7191d4d05b9dfe29ee66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116926
cf-polished
degrade=85, origSize=37675, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22493
last-modified
Fri, 13 Nov 2020 08:50:25 GMT
server
cloudflare
etag
"5fae48d1-932b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQ1S38QjHk9LK4QeHQeAa%2BSVz%2Fns34xp1HJkUELjpS60jzithOWqba%2F2QfE7HGdPjEfE5u6zxyQwX6exv5Q1lGTaz5DFPT5doIqHB2TrK0kuYkA8au58TmNExTY%2F4OPVqbUNmOLh96r%2BV%2BFYUlQ9zkg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Fri, 28 Jan 2022 07:03:41 GMT
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6d4308a5d8ea83ba-MXP
cf-bgj
imgq:85,h2pri
cors
data.ad-score.com/data/ Frame 4C7A 		1 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RNCwshxGaoiHKSgPaMfsXOCsYoMAZmxT-FE7fPshldVrrKDwY3nLIGkLGNA==-E0zFP89kalvmMg==&pm_ct=eefdcd39b2f2602992c865f7&pm_pl=1643297546623&pm_td=489&pid=1000787&en=1.1&callback=__pm_glbl_FC849qYWgypsJ5f9FSrJCJSU._gc4&v=1f9f249
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://newsyou.info
Date
Thu, 27 Jan 2022 15:32:27 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
img
pix.eu.criteo.net/img/ Frame D2AC 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=400&s=BSa_CYNiehYpKpTcNn2jt3hT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4fb565264af26107bb37b1e495c4b4bf768cf212d74a9eb357249a67b5e64923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 09:15:34 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
281811
vary
Origin
x-cache
hit
content-type
image/webp
cache-control
public, max-age=31381877
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
67290
expires
Sun, 22 Jan 2023 14:26:52 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame D2AC 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:33:58 GMT
x-content-type-options
nosniff
age
71909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 19:33:58 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame D2AC 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:33:58 GMT
x-content-type-options
nosniff
age
71909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 19:33:58 GMT
css
fonts.googleapis.com/ Frame 34D5 		2 KB
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:24:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:27 GMT
impimg.gif
pre.glotgrx.com/ Frame 4C7A 		26 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/impimg.gif?cb=1643297547162&qid=53532313f523632313f5436393&cid=964&s=newsyou.info&p=BX&x=&adtg=HB&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36&ai=&flsrc=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
last-modified
Fri, 21 Jan 2022 14:45:49 GMT
server
cloudflare
age
6587
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6d4308a5fec29274-FRA
content-length
26
expires
Thu, 27 Jan 2022 17:32:27 GMT
/
ipv6.adrta.com/ Frame 4C7A 		134 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipv6.adrta.com/?callback=_1643297547193
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:b4f:4b03:410a:3d01:94d4:66d5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 / Express
Resource Hash
1d21291ab239dbae8ede80b2bb56e945deb4bf9311a9f6003c023954008fb748
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.10.3
x-powered-by
Express
etag
W/"86-/yw6KKV9M2zGyr5eHb/ZY+yv/Ec"
content-type
text/javascript; charset=utf-8
i
adrta.com/ Frame 4C7A 		144 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=84550007&__aasv=22.91&__aaii=11442800018424909526&__aait=1643297546078&__aavz=0&__aaib=1&__aaai=1&__aaaa=0&__aafl=1200&__aaaf=1&__aaag=1&__aahd=%7B%22chrome%22%3A1%7D&__aaax=0&__aaay=0&__aasz=300x250&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=540a1a6698863406949aa8eb7df496f4&__aaxf=193.27.14.36%2C%2010.1.4.118&__aaci=bzk&paid=bzk&avid=244&caid=bsc_1378&plid=bscr_8069&publisherId=44025&siteId=54591fa12be3&priceBid=0.1&kv1=300x250&kv2=newsyou.info&kv3=8b1c0c87fe10580eec71bc2c068468ac01da1aa3&kv4=193.27.14.36&kv5=EU&kv6=newsyou.info&kv7=betweenx&kv10=null&kv11=88eb2961629a96e8d65cb59e4b4a75dd&kv12=4094193&kv15=DEU&kv16=50.1049&kv17=8.6295&kv18=null&kv19=null&kv23=null&kv24=Desktop_banner&kv25=newsyou.info&kv26=Windows&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&kv28=Other_Other&__aapu=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&__aapr=&__aatu=https%3A%2F%2Fnewsyou.info
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.81.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-81-196.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
47513b4c359a86e05b5c26b9d002a067a88d6fa35e2226aa35b9c064afcd12ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
content-encoding
gzip
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
vary
Accept-Encoding
content-type
text/javascript;charset=ISO-8859-1
cache-control
no-cache
content-length
100
expires
Thu, 01 Jan 1970 00:00:00 GMT
img
pix.eu.criteo.net/img/ Frame 34D5 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=400&s=BSa_CYNiehYpKpTcNn2jt3hT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4fb565264af26107bb37b1e495c4b4bf768cf212d74a9eb357249a67b5e64923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 09:15:34 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
281812
vary
Origin
x-cache
hit
content-type
image/webp
cache-control
public, max-age=31381877
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
67290
expires
Sun, 22 Jan 2023 14:26:52 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame 34D5 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:33:58 GMT
x-content-type-options
nosniff
age
71909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 19:33:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A127 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf0YMzu9N6JtQuJBwSW4P2PhCOZBN6ngyjpYUWyWaRGar0OEqG8dY4aV3g7iVYEETYOZto-R-s-QcUrHGlP3nI&sig=Cg0ArKJSzHWH2g-JXFlIEAE&id=lidar2&mcvt=1043&p=0,0,124,1005&mtos=348,1043,1043,1043,1043&tos=348,695,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643297545284&rpt=917&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7A2C 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CyRF8CbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTZAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uHaXD28PLj2g4RJFrhlI1rXwz4XuhJAS4iOjCjrPTsWRsWzRe4sKABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=Gxn48hnRSUw&uach_m=[UACH]&cid=CAQSOwCNIrLMrLlAaH0-sD-PlQZdyOgPf0GGFWwcl05NmvynL_Dx4IB-4DP-tN4a4aoOprm8J01Z613_-vEDGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3378422422&pi=t.ma~as.6825749971&w=300&lmt=1643297545&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543218&bpp=1&bdt=748&idt=1774&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=WS9I9YxzGn&p=https%3A//newsyou.info&dtd=1794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3378422422&pi=t.ma~as.6825749971&w=300&lmt=1643297545&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543218&bpp=1&bdt=748&idt=1774&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=WS9I9YxzGn&p=https%3A//newsyou.info&dtd=1794
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 27 Jan 2022 15:32:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 7A2C 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gf70ws4mhm6kxb5yrq57pr1nha0nh1q2jmed7068ctzn1skh7xjm459757z1ngga629dnctq11f5vrave2whzm5rdgp2xjn6qz9z9n6h1yqc2nmc9kagz0fssvxphybek0qfqyv6xnz73b4ejpkf63c54ehqr13cb0c186h60de5z4n18tgp4dc2z2n8ndjsbqes4vc09w5qf7p6tpj7z2nhcg8rhhx767scehwfhxgp7tdcvrnetc2e7tctr09gk959fgm1pt1hzrvvbz3p3y8gwqze6gqkjycq512edqdxz4f5ng8wan24drap4w21w60n2q57f8sjrya2jhm1ba1gb38gqz12bgxg7km1cvtxwfh84a3amqgc05c3r1peatq81jj2tqkh5dqbgb5x1w6bfyjk3vgv4&b=YfK7CQAAyGQKGI1CAAk98ObSLZ0amiz9tPAeZw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3378422422&pi=t.ma~as.6825749971&w=300&lmt=1643297545&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643297543218&bpp=1&bdt=748&idt=1774&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67fa2b61606cdd89-22cd55fb2dcd00a0%3AT%3D1643297543%3ART%3D1643297543%3AS%3DALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g&prev_fmts=0x0%2C580x280%2C610x379%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3153388284000&frm=20&pv=1&ga_vid=274054083.1643297544&ga_sid=1643297544&ga_hid=1968516418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064219%2C31063221%2C21065725&oid=2&pvsid=3811902208470004&pem=691&tmod=1631668500&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=WS9I9YxzGn&p=https%3A//newsyou.info&dtd=1794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame 34D5 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:33:58 GMT
x-content-type-options
nosniff
age
71909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 19:33:58 GMT
rs
ad4m.at/ Frame AE07 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a892934a8179f503669049b2fea18ba3b8957735c3431ca272c286dfdb926acc

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6d4308a78a93e8eb-MXP
date
Thu, 27 Jan 2022 15:32:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IQsLYFQ7rl5rZeICoHegTssr3zZ1TXPFLYEKgsNl%2FDclkwlgjhsiaWJTaez7TE1UEnc8VNB0RrspUNBpXUZvYJVDaXJtcj7LzfcV7cmZDsaiqYaAivbWbq22cWMABbWNpNLjN0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-3l9z
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-3l9z
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puaJIpKB74UHmLapaLgwxDDZwOoJe9aDzQzvQNKsPGLEaZx6%2FK7tmvBThmPcmHyy3Y2NbH8PqrdMBmbqnpmfBHucoNlUcZO0aHfyQgw4IynjIK8JLKzMEWXQ7%2F40uXBy9Ai21Go%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d4308a719ebe8eb-MXP
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-3l9z
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yI%2B0tViIGgB2C%2F2apjE7bZeNrX%2F5jECpGER2guyV%2FgWAQEjTBD2UYnJwT0HXYacJYhkuGBuYAiEstbiTHFAkJ3XsSFRNYb%2B7xwf8a2Dmq4UHf6MDkylMVg2JN%2FJv3k7MXzP2HBA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d4308a729eee8eb-MXP
rs
ad4m.at/ Frame A2E7 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40dd8a285a92705da0f56bae63482a483cc99c07b7871e5dfaf65c68c2e3fa5c

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6d4308a78a9ae8eb-MXP
date
Thu, 27 Jan 2022 15:32:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDFYQwSSasti%2Fnfvx5ScG%2Fp4Xak8FB99jHsiwgjAFA1EirWbD6Scs%2BlwlFaI4DkS9lno922YOvrcaH0BKDIUWlZlRSuumXonc4D4qnKRPhdZ%2B4hoIc7pAOOM7T9cLoBtTNkdR9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-3l9z
rs
ad4m.at/ Frame DD16 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c393c9c4d935997e6da7c6c2482eb63bc7c52425bf7b44be1a2d70dbf3093394

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6d4308a79ac3e8eb-MXP
date
Thu, 27 Jan 2022 15:32:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbrKl%2BJ6K5O8V3v%2FNGeh%2BzLoSsjwDhDAtTTAojmwn94GOrDnreKwqDCK7D3T3%2F03JVBfWh1SLgIU3e2svNXfENra%2BHHR%2F10UtTKpnWjEIk73vO57Mfwxg8cxMUXcW2NHycPNvRU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-3l9z
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-3l9z
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urSYGMMlcKq%2BahqSbbaGcFpKQBsZfy5%2BQ5KpDfdDlx24XatS9gQhHTcg%2BpUnkbnolSvx7xlf9I%2ByPtMEajfya78S0jDHKPRBoiidSKaxhmA%2Flu9VmeoXUNGXSjo7PVQLQ7Ln0mU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d4308a729ede8eb-MXP
rs
ad4m.at/ Frame 891D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d912c7841acb6149fb3e35aac95d7597bd230e7a6d89e1def9569c5f19578a7

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6d4308a79ab0e8eb-MXP
date
Thu, 27 Jan 2022 15:32:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyQe%2Bwb1T%2Fz7uZbtQbj6io4wlsv7wpQ7vgOVgMzcrCywf6Dp8apwtAOW1GmhEUVyqQ1oxrFLWR1wjNiJcy89P8ikOyNCxVyHamTw30fd2Hyh9MbAgdyiofVBMFY%2F6ZRGUsTewHA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-3l9z
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-3l9z
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Meldyludl0dQazw6oFd%2FvOZnIe5sERCrDV5eNBo55yBuocgurG262XtsuAh3%2BVuCu%2BMbiNRw4%2BO7zv2Q%2BxFZcoIP%2Fvd4kevKSM3BHuLCsjdcT0u4aP4g8yy21DEU1f%2Bh8QERpF8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d4308a729f1e8eb-MXP
cors
data.ad-score.com/data/ Frame 4C7A 		1 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RNCwshxGaoiHKSgPaMfsXOCsYoMAZmxT-FE7fPshldVrrKDwY3nLIGkLGNA==-E0zFP89kalvmMg==&pm_ct=eefdcd39b2f2602992c865f7&pm_pl=1643297546623&pm_td=748&pid=1000787&en=1.1&callback=__pm_glbl_FC849qYWgypsJ5f9FSrJCJSU._gc5&v=1f9f249
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://newsyou.info
Date
Thu, 27 Jan 2022 15:32:27 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
rs
ad4m.at/ Frame 1D76 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac7efc4fbcd73d073d6f4a2e98d8d2665b856bbb85830090d5fd5529fa642aeb

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6d4308a79ab3e8eb-MXP
date
Thu, 27 Jan 2022 15:32:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJJ3%2B2VHbNdY1TLlXC4FCz10vQCBFx1PF0uTnLxhJbz0y3hECHOZRBCRc4Xvi%2BNdncbiRRhwkSA17n6HtZcbz2pIcbF7exH8Y%2FVuwsmOijMP7ROTt%2BamqPQxlsgywwbZBI5CS7g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-3l9z
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-3l9z
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqvRqhvxx%2FGXGpYxCmI%2FcuM3sILGc4uUpHAxsz%2FaSRrFGy18X%2FxPpiMp041lOhnVdhFcQw4Ft3KRGNcAX9x9b1OkEfiRn%2Fn02%2Bk3%2FhQkUPSxXJUSF0X6Q9WSc1y94eu2PqP6Il0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d4308a729f2e8eb-MXP
/
sync3.sniperlog.ru/ Frame 0D68
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiL9sqPBlIFl4XSlAY*
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQABiL9sqPBqIBEFT3jVp_hhHspukAJZDIJDc*
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiL9sqPBqIBEFT3jVp_hhHspukAJZDIJDc*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=54f78d5a-7f86-11ec-a6e9-002590c82437
  • https://sync.bumlam.com/?src=aid1&uid=KW7YzCNHRK0ZCV%2BZ9mlSGw&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=KW7YzCNHRK0ZCV+Z9mlSGw&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=KW7YzCNHRK0ZCV+Z9mlSGw&extra2=aidata&google_gid=CAESEECykeMPcM9OqnjmYe1Naso&google_cver=1
43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync3.sniperlog.ru/?src=ggl&extra1=KW7YzCNHRK0ZCV+Z9mlSGw&extra2=aidata&google_gid=CAESEECykeMPcM9OqnjmYe1Naso&google_cver=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Server
31.172.81.158 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:29 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync3.sniperlog.ru/?src=ggl&extra1=KW7YzCNHRK0ZCV+Z9mlSGw&extra2=aidata&google_gid=CAESEECykeMPcM9OqnjmYe1Naso&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
internal
dmpprof.com/matching/ 		141 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=10&href=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&dmp_print_id=75f67d020a6c2c4561d1ca4670345b0a
Requested by
Host: pbkqidejmes.ru
URL: https://pbkqidejmes.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
fc99180bf7b8db9c293d6bb9672fa44c364adea1a31f1618c5a7de8bb88e9d6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
141
rar
as.ad4m.at/ad/ Frame D5E4 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15579%2C157265%2C37798&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9%2CAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2C1r2SbfKf6A9kC9HdH9tpC22rh2SKTMJHjXk%2CM13azfrfqgqsWHEHGtQC661tBS4T6KFzw1&c=300&d=250&e=dd7M2lmtBESmkONyO0cLVDlg-LLwmR3u&g=89ad0106e905aa377a8b6792ae647978%2F7577637538820841040&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547477&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq2xw2301c6b9j7xpj6tbr65f9sqzebgc6b0xkk7nh5xd20t4ymhpvpvbn6j3fzrseh8wtf21tqtdmw1kgsb6060rdqyvg2n4gcg825wkj9c2a2bkeb960pnsa231b259hpq2kqhftr7bsrbvj20shed38zk8jn209s9m8m5vqq032gya0pcd11nsy8cqcd55gxnwk9yaedcwf9ymkg8ph6q81t8smbb1w5ybngqtg9q7aja7nmqdvz1gbr7sty6qhg48map0e8grcksmqpktfp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f897588905532ea55aa45204276fdb94a1d262632f4a4024816e99e8da4dbd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jkxcbdmd854w42er26z73ph0q06egarz00sefpbd2v630gbqjm2xzbdwxaj61syr0afgfvm7yr25p4zed4bx4a8ntajz9m7d8htdre8m34j5y8zw6ebe49gprdn8dhegv0032wwgbcw9fwpb77bk3pzf0jvg3hmsbd4kedpy1tfndjagq99ya4qadws6v1a8vf9pt364vqzzbqx6g8pz668f0rbcmgcvq62ftsajk5sqbxeze2ykqvhmran7g1jw272x2arajhzd7xeyq2ahybbk3622gesxw4gswkb7stn029wpctfnax8505hp4hsjm7nwh2fkkrr2a3dhhegv08hqdwk0mcyta7z7bhxpy23zrrsv7nx5bz6prw28a4mr8pg85v4ccq80fgpfyz823qgg2s86756d0dsbn79t6ry93vfx22n3v1x8ntv3nt3qj20&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d4308a80f1c59e3-MXP
content-encoding
br
rar
as.ad4m.at/ad/ Frame 7788 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15579%2C22925%2C166402&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYP%2CDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CXJjuzfrf9GXS6H4Het1CBBKCQSkTK2tKP4%2CdqAtEfkfpY4VUEHjHwtqCbb1aeS4TWeTXPd&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=90f26ad436358285c0ff2ee6b7510072%2F2290826803877213385&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547479&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4rvqedtm537dryyc3rkhxyqvp7eee72y5nq54s4d09amb4e4pmr6fzggjxgmwtkn2pqpfkkt341jr0zzrdmsjt5gnbzvr8gc7zp2nt4jy1m13fp4v605xmzd3a473m24757brtj9w6wh2h0wqavsa0120pxceeqgnjzkzbhp3bs1gmgvxfdg86khsgnwdm9m9mdnmptx252245589t1j03r2e4080wja5cqw4hag0gr06hz4f857dkx2kga5zeqtrsrvrqjhshvvdnb0k5gbp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f24bb1d658a09e662f19a09227e586b040194bcc6e0fe7204dacfb3c1fdc1e0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1k9ac6tfhw3caf1tjr1evjswa4g9z3m9a6e60841npp5hsdy1763v5sjkdchf4j5b5dte07vzhcrf2pray6dksbp028jqemnjf77wxbpg9rze75htpnrz7cjdqpjdwszncsfcnc32sbdw7dbwj1zg8jp5xd45emj8bdedyy7yy7az5kbtdp3zrbqt8a323xt0t5sx2w34h4a16bccdgcf2nzcznked5sra4dxag8f69dwx61rah1sthtj881kfkryzr9hj58mdzpgtdsdzext5896qc7bx9n1xg22fzq8qp13ym7wxk84myk3mnfyt9e3d84y1g4k9emmwbmgjnmcyz6z2x56nsggfwr3kgwd3031035pm8apkw50r0wsav7yj2xh5jswywx0xgzvx8rygvvwbsmnbp56dtc18xbcezf9b951tnhzhq22pb32kzth8pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d4308a80f2559e3-MXP
content-encoding
br
rar
as.ad4m.at/ad/ Frame A783 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c6fb83ae4f7d30ea54fe287fce3534c8096bd78bde5ff3d4e9e4ef9acdcb837
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h6kamkccfyxw7hac41av5cdjdyasy2vd9q5whb57yaf8bqqmkhr6tv8h7g6jnv3brks51sp6yf2ascnty6s0gv2fw701p53eyrp7044a1y0p9ja2gdtbnwjgmf3q8fprgpsfavxy16zyztsg0htxkc403xx3es1xvzdspm1dtwh212pwhbjm22sm5j2wpsw9b0srzm0g75gcfn9rz6ng7ef49h0673mxyatj4jfb95zqwcam1snz945ee2k1f7rx5e6ng0m60hrnhjyatsjr9g6r0yd7qx5bf8zvyt3xhfq78dvvsktgwxtf9zpp5zsckhj9b91nas8k9qgbngdp5zvc6wrct9kbncdm30fp8tcgy24hjdy17kg7ran9qz9fej5cqdy154sf350y8wgyh6xkyr8eac7ek99jzf0w3jj52ygg0jw0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d4308a80f2d59e3-MXP
content-encoding
br
rar
as.ad4m.at/ad/ Frame 6D99 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15579%2C19483%2C167497&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5M%2CDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2Ck7pH5f3fWpxT4HwHetmCVVWfZSjTrxtqYb%2CdqAtEfkfpYZjSEHjHwtqCbb1aeS4TWeTXPd&c=160&d=600&e=wFg1TKgdUyDNmyb4MeGa-6UnZHcCea7j&g=4904e8c6482ea07a38392da15d113669%2F12172818134907883766&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547484&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsfygtxq6533k6xcz02djc31zbkd6qvn89mnj3afyz668bwkngn99vwgbakcf7ynm72hf41f1kxcfnkh0mhatxfd5g257f8rwz84n9rzcj7ky5w3p8xznc6ayxw708chpxgnwn735jsa69x188ssgv1f0mg1msem8k46x91g9e7hr73z5pcqezybqcdverysejp7tettbg67kd5dcdvmvyhwab6xr02g8z4y41fkjn5ezcet058z2rxnqdc0t3gkn27aw17kcfmay6bgv60teze%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91319263d8c70cb70cde3e82c4fa397d8cf845d22252a8a51fd9b1b66a3171f2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g8jzgdkg7cabxb17wafdtxzmjqvhb5ng57xzpns5gwxbhfbt95sy8vzbnss6mntwnvtyw6dwdyrkbwkq5x4r71wht0nagm8yyx4ej9fypv641eb9ydg8gerge6vfxhteb71dqw29539py86519v3smx1kgjg1zagnbdy84a3qcf2db9dxf7m9hmq07q054yb00xmrqxrtnrdhjnd0kchpp45saj9jz9xr7tv0kepqrxn9fyp0hqcnvbfc03y64wj685dwnwct97yck0tgskvwgx0619gt3zd7bnh3j1ebyfy6jmfafwkac26d9qn3dyn317zz9xzwmmp7kdh51w2sq8qxkqhk0q81rs8nzegafbf6bjmj3v2bdmk0vh4r6fjm6yztjzvskgx3fxave8a40rg3dzhzzxrmn9667tdybxvkjm6c7afqxw1j3vc4dpxjpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d4308a81f5b59e3-MXP
content-encoding
br
rar
as.ad4m.at/ad/ Frame 04B2 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59bf63344921528f50dfd99fcfe22618771ea0aa6774b773ecb0ac5e2cf4d7a8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jfrgvsw1xzhngfhcvfvgs5fkqsw54hxct4fkc012envfhqt6v4g8s5rer20hqs9tkpcgax9rq0gp4bbmyw0ht87934bvc2qg3h00afgdde9f4qpvznd4tvwyxq23334cwcfaa26ezdsk1t2xw42v4k0m4nj6snc62pn37x8asjwqbhz8jzyds2714rsxgccm49c0d2snefc4tv9fgqshbnaepxse8n95q9whsadtk2c92cxhzrde7hbkmn9bxwgjf8yy1kfsbyf64bdb9szjzd6zxx85z7pypad9gq7vtf7k3h4nv4j3x5bkn0kre75qq1eq1dr99v27ycct36pm200wcjzhx94z2s3491wdhw8hz51tt5b3g9yykhszp9s5js0swrb0efbxby575pyx01p7ypqr4k023z347pv6r1s2txw869dr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d4308a82f7759e3-MXP
content-encoding
br
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:20:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:27 GMT
css
fonts.googleapis.com/ 		3 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:12:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:27 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame D5E4 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C157265%2C37798&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9%2CAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2C1r2SbfKf6A9kC9HdH9tpC22rh2SKTMJHjXk%2CM13azfrfqgqsWHEHGtQC661tBS4T6KFzw1&c=300&d=250&e=dd7M2lmtBESmkONyO0cLVDlg-LLwmR3u&g=89ad0106e905aa377a8b6792ae647978%2F7577637538820841040&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547477&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq2xw2301c6b9j7xpj6tbr65f9sqzebgc6b0xkk7nh5xd20t4ymhpvpvbn6j3fzrseh8wtf21tqtdmw1kgsb6060rdqyvg2n4gcg825wkj9c2a2bkeb960pnsa231b259hpq2kqhftr7bsrbvj20shed38zk8jn209s9m8m5vqq032gya0pcd11nsy8cqcd55gxnwk9yaedcwf9ymkg8ph6q81t8smbb1w5ybngqtg9q7aja7nmqdvz1gbr7sty6qhg48map0e8grcksmqpktfp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15579%2C157265%2C37798&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9%2CAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2C1r2SbfKf6A9kC9HdH9tpC22rh2SKTMJHjXk%2CM13azfrfqgqsWHEHGtQC661tBS4T6KFzw1&c=300&d=250&e=dd7M2lmtBESmkONyO0cLVDlg-LLwmR3u&g=89ad0106e905aa377a8b6792ae647978%2F7577637538820841040&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547477&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq2xw2301c6b9j7xpj6tbr65f9sqzebgc6b0xkk7nh5xd20t4ymhpvpvbn6j3fzrseh8wtf21tqtdmw1kgsb6060rdqyvg2n4gcg825wkj9c2a2bkeb960pnsa231b259hpq2kqhftr7bsrbvj20shed38zk8jn209s9m8m5vqq032gya0pcd11nsy8cqcd55gxnwk9yaedcwf9ymkg8ph6q81t8smbb1w5ybngqtg9q7aja7nmqdvz1gbr7sty6qhg48map0e8grcksmqpktfp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
83241
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 26 Jan 2022 16:25:06 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6d4308a8d9c459e3-MXP
cf-bgj
minify
A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame D5E4 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C157265%2C37798&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9%2CAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2C1r2SbfKf6A9kC9HdH9tpC22rh2SKTMJHjXk%2CM13azfrfqgqsWHEHGtQC661tBS4T6KFzw1&c=300&d=250&e=dd7M2lmtBESmkONyO0cLVDlg-LLwmR3u&g=89ad0106e905aa377a8b6792ae647978%2F7577637538820841040&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547477&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq2xw2301c6b9j7xpj6tbr65f9sqzebgc6b0xkk7nh5xd20t4ymhpvpvbn6j3fzrseh8wtf21tqtdmw1kgsb6060rdqyvg2n4gcg825wkj9c2a2bkeb960pnsa231b259hpq2kqhftr7bsrbvj20shed38zk8jn209s9m8m5vqq032gya0pcd11nsy8cqcd55gxnwk9yaedcwf9ymkg8ph6q81t8smbb1w5ybngqtg9q7aja7nmqdvz1gbr7sty6qhg48map0e8grcksmqpktfp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45783
cf-polished
origFmt=png, origSize=26777
x-guploader-uploadid
ADPycdsuu9a549VSE_Xovfrah0hysziYcBbf860_R28JtFFoVYvN8su3T4T7bTKNYTkhHu6_wBaM82wAD8PBuny3NVJyjf-eTQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15238
last-modified
Tue, 07 Jul 2020 09:20:40 GMT
server
cloudflare
etag
"018a5f3736332bfa050998ec8f72beb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3ounSziu8i%2BNWawxfrVEGSUK2PXFGb%2FxztLF4kuiNaGovOFEOrpKpivCd4N9AZ7KI0xCNWOVQH6BV5IJG0vCuYttfXmSu5O4PG9XMefCjZbL6h7A4qtnw4FNbu6uBVCwYYAXPwKFqVwkfsC"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1594113640078278
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
26777
accept-ranges
bytes
cf-ray
6d4308a8e98f0f86-MXP
cf-bgj
imgq:85,h2pri
CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
assets.ad4m.at/product_image/ Frame D5E4 		382 KB
383 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C157265%2C37798&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9%2CAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2C1r2SbfKf6A9kC9HdH9tpC22rh2SKTMJHjXk%2CM13azfrfqgqsWHEHGtQC661tBS4T6KFzw1&c=300&d=250&e=dd7M2lmtBESmkONyO0cLVDlg-LLwmR3u&g=89ad0106e905aa377a8b6792ae647978%2F7577637538820841040&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547477&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq2xw2301c6b9j7xpj6tbr65f9sqzebgc6b0xkk7nh5xd20t4ymhpvpvbn6j3fzrseh8wtf21tqtdmw1kgsb6060rdqyvg2n4gcg825wkj9c2a2bkeb960pnsa231b259hpq2kqhftr7bsrbvj20shed38zk8jn209s9m8m5vqq032gya0pcd11nsy8cqcd55gxnwk9yaedcwf9ymkg8ph6q81t8smbb1w5ybngqtg9q7aja7nmqdvz1gbr7sty6qhg48map0e8grcksmqpktfp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=d5mymQ==, md5=bWiWSMa0+LV8pKw7Fyjaew==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
589799
cf-polished
origFmt=png, origSize=588465
x-guploader-uploadid
ADPycdu7ATs-vQEpbIFGLkYK567EayoHdnwYbdPA_PHwQbkujMpCkEJOTbXfrgzzWyqBhKjpgBUJtOM4nVygVbDLITM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
391402
last-modified
Fri, 22 Oct 2021 09:31:50 GMT
server
cloudflare
etag
"6d689648c6b4f8b57ca4ac3b1728da7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TBkTrVuXT8ZE4JroRM9bj2zd%2FGbhfYp8P3fs4o6XVkF9OLMaHV9ckf%2BPlg8ZdW%2FlfZS2fShX9FsN7VOnam6R3ipO3Syf9nqbRVfNPhmkiTIeqNIwAVMAo1pVhXU0Pcjbfcjwng42i%2BQcSUa"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634895110632642
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
588465
accept-ranges
bytes
cf-ray
6d4308a8f9b10f86-MXP
cf-bgj
imgq:85,h2pri
view.aspx
pb.media01.eu/ Frame D5E4
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATK...
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Ne...
0
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C157265%2C37798&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9%2CAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2C1r2SbfKf6A9kC9HdH9tpC22rh2SKTMJHjXk%2CM13azfrfqgqsWHEHGtQC661tBS4T6KFzw1&c=300&d=250&e=dd7M2lmtBESmkONyO0cLVDlg-LLwmR3u&g=89ad0106e905aa377a8b6792ae647978%2F7577637538820841040&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547477&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq2xw2301c6b9j7xpj6tbr65f9sqzebgc6b0xkk7nh5xd20t4ymhpvpvbn6j3fzrseh8wtf21tqtdmw1kgsb6060rdqyvg2n4gcg825wkj9c2a2bkeb960pnsa231b259hpq2kqhftr7bsrbvj20shed38zk8jn209s9m8m5vqq032gya0pcd11nsy8cqcd55gxnwk9yaedcwf9ymkg8ph6q81t8smbb1w5ybngqtg9q7aja7nmqdvz1gbr7sty6qhg48map0e8grcksmqpktfp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 27 Jan 2022 04:32:27 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 15:32:27 GMT
Server
nginx/1.19.7
X-IPLB-Request-ID
C11B0E24:D6DE_91EFC182:01BB_61F2BB0B_11714F52:297E9
X-Powered-By
PHP/7.2.34
X-IPLB-Instance
40028
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=UTF-8
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=
Cache-control
private
Access-Control-Allow-Origin
*
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive
timeout=20
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame D5E4 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C157265%2C37798&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9%2CAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2C1r2SbfKf6A9kC9HdH9tpC22rh2SKTMJHjXk%2CM13azfrfqgqsWHEHGtQC661tBS4T6KFzw1&c=300&d=250&e=dd7M2lmtBESmkONyO0cLVDlg-LLwmR3u&g=89ad0106e905aa377a8b6792ae647978%2F7577637538820841040&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547477&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq2xw2301c6b9j7xpj6tbr65f9sqzebgc6b0xkk7nh5xd20t4ymhpvpvbn6j3fzrseh8wtf21tqtdmw1kgsb6060rdqyvg2n4gcg825wkj9c2a2bkeb960pnsa231b259hpq2kqhftr7bsrbvj20shed38zk8jn209s9m8m5vqq032gya0pcd11nsy8cqcd55gxnwk9yaedcwf9ymkg8ph6q81t8smbb1w5ybngqtg9q7aja7nmqdvz1gbr7sty6qhg48map0e8grcksmqpktfp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
848990
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycduM9AvfNdV9xvBaiWZHK7hspyW3iZEGLiptYpUzsTm0zx0Qjh3aCoHlxFI3nuJNS2Y8m7i_QUS3RhfpE0EKheU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bo2EDn7e3wMmNI1iQAkGuDXoSmbMeLNxWvtwBgMIe1a9tCLpOucj08yjCizlGfI1W2oCyB%2BcWX%2FoYoifhzcslzbwUZkOtA5oW2%2BdP4LP9tmYsE1%2FGT1BcD%2FnbJ%2Bz8g9K9c9zgEgw6BupF0OE"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6d4308a8f9b40f86-MXP
cf-bgj
imgq:85,h2pri
4F4C9A2D7395F4A22A69E4FF899DD987C3D93173B4A1A10C53248E23143B0CF6BAA70B9C16381AC5F917AB284304F801A1D532F2E3F04B5E86B818EDEC445252
assets.ad4m.at/product_image/ Frame D5E4 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/4F4C9A2D7395F4A22A69E4FF899DD987C3D93173B4A1A10C53248E23143B0CF6BAA70B9C16381AC5F917AB284304F801A1D532F2E3F04B5E86B818EDEC445252
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C157265%2C37798&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9%2CAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2C1r2SbfKf6A9kC9HdH9tpC22rh2SKTMJHjXk%2CM13azfrfqgqsWHEHGtQC661tBS4T6KFzw1&c=300&d=250&e=dd7M2lmtBESmkONyO0cLVDlg-LLwmR3u&g=89ad0106e905aa377a8b6792ae647978%2F7577637538820841040&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547477&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq2xw2301c6b9j7xpj6tbr65f9sqzebgc6b0xkk7nh5xd20t4ymhpvpvbn6j3fzrseh8wtf21tqtdmw1kgsb6060rdqyvg2n4gcg825wkj9c2a2bkeb960pnsa231b259hpq2kqhftr7bsrbvj20shed38zk8jn209s9m8m5vqq032gya0pcd11nsy8cqcd55gxnwk9yaedcwf9ymkg8ph6q81t8smbb1w5ybngqtg9q7aja7nmqdvz1gbr7sty6qhg48map0e8grcksmqpktfp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d59fb9c729f04cd84799db8137a07593d1658c3a2827018284f74d705ccc629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=0sGzgQ==, md5=E9fn9wEA2esguxJas7WBIQ==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47744
cf-polished
origFmt=png, origSize=247870
x-guploader-uploadid
ADPycdtVlGZ48Q_pYkpMPTNDE1SOUM_4H7s3N51kajdWecYkNJAGc4loAiS7MHJplwBJiL0y3T1FbLXPPX-tU14BDUk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
110084
last-modified
Thu, 15 Jul 2021 15:02:56 GMT
server
cloudflare
etag
"13d7e7f70100d9eb20bb125ab3b58121"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tv6MniPr8PyFUwnEBOLe4YSvyZnAO3TLD%2BPuQ%2BhIJSJcWMuPLWskW8wfyj5r0%2FMBhwbChJPOqkZ8Yq6e%2Blka6AmaS5pqsk3eGpCEtkifPGFjrYiktPDeevl8Gcmjkv6px1eK3gGnxzLYqmMg"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1626361376778545
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
247870
accept-ranges
bytes
cf-ray
6d4308a8f9b60f86-MXP
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame D5E4
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=oneid9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9oneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdp...
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=oneid9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9oneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_co...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022012716322762824043421X117703V1226132702MSoneid9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9oneid__asuiddd7M2...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022012716322762824043421X117703V1226132702MSoneid9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9oneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&spid=2022012716322762824043421X117703V1226132702MSoneid9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9oneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&wfid=117703
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C157265%2C37798&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9%2CAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2C1r2SbfKf6A9kC9HdH9tpC22rh2SKTMJHjXk%2CM13azfrfqgqsWHEHGtQC661tBS4T6KFzw1&c=300&d=250&e=dd7M2lmtBESmkONyO0cLVDlg-LLwmR3u&g=89ad0106e905aa377a8b6792ae647978%2F7577637538820841040&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547477&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq2xw2301c6b9j7xpj6tbr65f9sqzebgc6b0xkk7nh5xd20t4ymhpvpvbn6j3fzrseh8wtf21tqtdmw1kgsb6060rdqyvg2n4gcg825wkj9c2a2bkeb960pnsa231b259hpq2kqhftr7bsrbvj20shed38zk8jn209s9m8m5vqq032gya0pcd11nsy8cqcd55gxnwk9yaedcwf9ymkg8ph6q81t8smbb1w5ybngqtg9q7aja7nmqdvz1gbr7sty6qhg48map0e8grcksmqpktfp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:28 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022012716322762824043421X117703V1226132702MSoneid9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9oneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&spid=2022012716322762824043421X117703V1226132702MSoneid9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9oneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&wfid=117703
date
Thu, 27 Jan 2022 15:32:27 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame D5E4 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C157265%2C37798&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9%2CAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2C1r2SbfKf6A9kC9HdH9tpC22rh2SKTMJHjXk%2CM13azfrfqgqsWHEHGtQC661tBS4T6KFzw1&c=300&d=250&e=dd7M2lmtBESmkONyO0cLVDlg-LLwmR3u&g=89ad0106e905aa377a8b6792ae647978%2F7577637538820841040&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547477&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq2xw2301c6b9j7xpj6tbr65f9sqzebgc6b0xkk7nh5xd20t4ymhpvpvbn6j3fzrseh8wtf21tqtdmw1kgsb6060rdqyvg2n4gcg825wkj9c2a2bkeb960pnsa231b259hpq2kqhftr7bsrbvj20shed38zk8jn209s9m8m5vqq032gya0pcd11nsy8cqcd55gxnwk9yaedcwf9ymkg8ph6q81t8smbb1w5ybngqtg9q7aja7nmqdvz1gbr7sty6qhg48map0e8grcksmqpktfp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590655
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdvDu0ZG_H-KdZmTmbyrf0vRxzfx2_WqhJ-AFdZQBSA7JDqFD4ULe-Sp8-YU62RxOVMBMC4ycMJYte-tPVsH7g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lvoz7GUq6vdjHlhjsUZF8VaTj%2BaJ4MSUaSBYVwZja1P7Z7AyGI5y6WpEs%2Borrr4dnjOuCLE8Igj0FDrGBydN1lnlrQNsLugZc1rbmqabtT1%2BDQPvWFEejDZ2s9kYdObP897yBH4iy11ynWV"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6d4308a8f9bb0f86-MXP
cf-bgj
imgq:85,h2pri
4DE97418EB5F5BE9A71C11FD95916F9836DEEEC46AE84ACFA7D2376456F7A7C74F106F12C1A70D7E3A981D479BA3AF50577133602BE1F8B4B02B50A143BD72D1
assets.ad4m.at/product_image/ Frame D5E4 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/4DE97418EB5F5BE9A71C11FD95916F9836DEEEC46AE84ACFA7D2376456F7A7C74F106F12C1A70D7E3A981D479BA3AF50577133602BE1F8B4B02B50A143BD72D1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C157265%2C37798&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9%2CAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2C1r2SbfKf6A9kC9HdH9tpC22rh2SKTMJHjXk%2CM13azfrfqgqsWHEHGtQC661tBS4T6KFzw1&c=300&d=250&e=dd7M2lmtBESmkONyO0cLVDlg-LLwmR3u&g=89ad0106e905aa377a8b6792ae647978%2F7577637538820841040&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547477&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq2xw2301c6b9j7xpj6tbr65f9sqzebgc6b0xkk7nh5xd20t4ymhpvpvbn6j3fzrseh8wtf21tqtdmw1kgsb6060rdqyvg2n4gcg825wkj9c2a2bkeb960pnsa231b259hpq2kqhftr7bsrbvj20shed38zk8jn209s9m8m5vqq032gya0pcd11nsy8cqcd55gxnwk9yaedcwf9ymkg8ph6q81t8smbb1w5ybngqtg9q7aja7nmqdvz1gbr7sty6qhg48map0e8grcksmqpktfp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff52cd6fa87197e500ac404574525aeeb1b9d184f90a74e19197f6fc159e6107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=JbWtsw==, md5=JJTrR/gVHMvTHm8bHvL8+Q==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
587460
cf-polished
qual=85, origFmt=jpeg, origSize=136162
x-guploader-uploadid
ADPycdtwZ5pbNzw-Ha_6M4mPXwd1yOx6wnICE3ufVqViyyyVz4nurSDYqGYHUaaaPEnLBXsuJg7BeEFfqrgS1sbzvIQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19842
last-modified
Thu, 21 Oct 2021 09:14:42 GMT
server
cloudflare
etag
"2494eb47f8151ccbd31e6f1b1ef2fcf9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdVPRvSlUMp3o%2FnCBOLSDhHdaQU3hfPvnh20SYXAoPYMaLH4LXV5eBXdOVcRRmQJhE42w2z5Z%2B7%2BWYbrmBBNFGhHIs758CUT2DXClbrnQzgMtUP2kpq4GiT%2Bb1CD6dZmAbfLlIQm77epVD%2B0"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634807682206403
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136162
accept-ranges
bytes
cf-ray
6d4308a8f9c10f86-MXP
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame D5E4
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVEoneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVEoneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_con...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022012716322762824043411X117663V1225131106MSoneidAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVEoneid__asuiddd7M2lmt...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022012716322762824043411X117663V1225131106MSoneidAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVEoneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C157265%2C37798&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C9ZgsMfmfVzWgCKHBH2t7trr9U9SmTYBCRB9%2CAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2C1r2SbfKf6A9kC9HdH9tpC22rh2SKTMJHjXk%2CM13azfrfqgqsWHEHGtQC661tBS4T6KFzw1&c=300&d=250&e=dd7M2lmtBESmkONyO0cLVDlg-LLwmR3u&g=89ad0106e905aa377a8b6792ae647978%2F7577637538820841040&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547477&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq2xw2301c6b9j7xpj6tbr65f9sqzebgc6b0xkk7nh5xd20t4ymhpvpvbn6j3fzrseh8wtf21tqtdmw1kgsb6060rdqyvg2n4gcg825wkj9c2a2bkeb960pnsa231b259hpq2kqhftr7bsrbvj20shed38zk8jn209s9m8m5vqq032gya0pcd11nsy8cqcd55gxnwk9yaedcwf9ymkg8ph6q81t8smbb1w5ybngqtg9q7aja7nmqdvz1gbr7sty6qhg48map0e8grcksmqpktfp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCC7wOCLvyYfeFIYzZYrrlj4AGkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTWAU_QXLOF7qvCbzm-sNTZVp2mxaSoFqYE78ou2NssUEXp8SdbfVyfoQ06OW0R1zqG_AKmXWZx9JWz1H5xXo8VIlIXkbJfxPixreYZgVCBZS7nFrGG7VtGOSVuf8uSyQVjEmoODKt2wobniOM_bsqItt-dDPpaCt7rXqIy3MOS8K29Puv1YT3GEqPhbz4kp9UMxLuyVAZd2ecW0X40WuOhD-Rpg3scjHLYEJjL0kKGdL1-_kPS63hZ1mrpnyQdvG1KG0rhsfaGWJi3A1-vACI990RHQRZhe4CABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3on7LdnZAZB8PUQRaXUI7_qxkabA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:28 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022012716322762824043411X117663V1225131106MSoneidAg6SYfqf5Y5CAHRH4tktMMGsRS4TVXSeVEoneid__asuiddd7M2lmtBESmkONyO0cLVDlg-LLwmR3uasuid__suite_Netmix_Reach09_PRIVATKREDIT
date
Thu, 27 Jan 2022 15:32:27 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame A783 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
83241
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 26 Jan 2022 16:25:06 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6d4308a8e9d659e3-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame A783 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
848990
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycduM9AvfNdV9xvBaiWZHK7hspyW3iZEGLiptYpUzsTm0zx0Qjh3aCoHlxFI3nuJNS2Y8m7i_QUS3RhfpE0EKheU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACN5Yz047%2B%2BKmz1MYVWm3Jxl2vILuGnkgMoOdpZOixYfXJNh2H7VICDNKapVAfTMO07CPqpHGOAIFb0PbRy%2F7hq9%2BKqsx0dMOXcTEKGru6BxA6DXozMcqb8vtGGHaCDjDacndcb2h%2BL7IaXi"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6d4308a8e9990f86-MXP
cf-bgj
imgq:85,h2pri
6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
assets.ad4m.at/product_image/ Frame A783 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c4ce8d34a9daa60952a5e3c77f6a430e87ef15ad67d03105131dcdeb04131d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=xKcLcA==, md5=LqUh6dMvJZgb+FCIIELoIQ==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
589705
cf-polished
qual=85, origFmt=jpeg, origSize=29501
x-guploader-uploadid
ADPycdsC98ub_jiOl1gKjLZ70virfL4ycstykiTFlt7tdOdaxpOpB9Rx6Jkl4YLiusrcPEH5vurhU13ykPd4XvU2ObE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15016
last-modified
Mon, 06 Apr 2020 13:24:35 GMT
server
cloudflare
etag
"2ea521e9d32f25981bf850882042e821"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwIqIn3xSDoTaqhIwV%2BRCem6SkgyfUlmNO9yOmSLDh1VeYipBhwwkaVe75NMKAdK1FQRzMFBV4u2sJqlN8qpx6q87Y9PFrkIIt2s9dicHFkA%2FWJ2zUBfg5bALpmM%2BDvJw7S%2BHRpkiDlVuPYk"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1586179475532187
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
29501
accept-ranges
bytes
cf-ray
6d4308a909e80f86-MXP
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame A783
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043429X117679V1226132702MSoneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidXipVTH5...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043429X117679V1226132702MSoneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022012716322762824043429X117679V1226132702MSoneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:28 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043429X117679V1226132702MSoneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022012716322762824043429X117679V1226132702MSoneid23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTgoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679
date
Thu, 27 Jan 2022 15:32:27 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame A783 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590655
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdvDu0ZG_H-KdZmTmbyrf0vRxzfx2_WqhJ-AFdZQBSA7JDqFD4ULe-Sp8-YU62RxOVMBMC4ycMJYte-tPVsH7g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVA2r6yQdkF39KstYk3NgfGYSpYD1rWlqFRPjaR2ynhGk%2B%2FKswRLXVr%2BBr7BQD8GX0veOuuMjD0YdJ0KQ6k4m7k3QGMhywudRI9HWnXh2ZVAfJj7p19C0%2BHtTr2iBhU4dN9L6pCmLiRCmAl6"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6d4308a909ed0f86-MXP
cf-bgj
imgq:85,h2pri
4DE97418EB5F5BE9A71C11FD95916F9836DEEEC46AE84ACFA7D2376456F7A7C74F106F12C1A70D7E3A981D479BA3AF50577133602BE1F8B4B02B50A143BD72D1
assets.ad4m.at/product_image/ Frame A783 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/4DE97418EB5F5BE9A71C11FD95916F9836DEEEC46AE84ACFA7D2376456F7A7C74F106F12C1A70D7E3A981D479BA3AF50577133602BE1F8B4B02B50A143BD72D1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff52cd6fa87197e500ac404574525aeeb1b9d184f90a74e19197f6fc159e6107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=JbWtsw==, md5=JJTrR/gVHMvTHm8bHvL8+Q==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
587460
cf-polished
qual=85, origFmt=jpeg, origSize=136162
x-guploader-uploadid
ADPycdtwZ5pbNzw-Ha_6M4mPXwd1yOx6wnICE3ufVqViyyyVz4nurSDYqGYHUaaaPEnLBXsuJg7BeEFfqrgS1sbzvIQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19842
last-modified
Thu, 21 Oct 2021 09:14:42 GMT
server
cloudflare
etag
"2494eb47f8151ccbd31e6f1b1ef2fcf9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfEFPdRj26fAmpbxClRzIf8Or44%2FMLmQmIrEhPvqH62ML8VWU66Ht7I6U9znpoATz22weuTonsCzS5ha52FjVzVfI3vzKsk9bKo2EKVFwys3kDBpFkqs0XI6hYv6YheCEctVUlIAdP4UMlUW"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634807682206403
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136162
accept-ranges
bytes
cf-ray
6d4308a909ef0f86-MXP
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame A783
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022012716322762824043475X117663V1225131106MSoneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuidXipVTH5zk...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022012716322762824043475X117663V1225131106MSoneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:28 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022012716322762824043475X117663V1225131106MSoneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth
date
Thu, 27 Jan 2022 15:32:27 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame A783 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11338
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdvABLSSKGyO5Gf6pUAeN4ipXoXMvkKVJETOCjZTcx50j074PbRPhUJhYy-IUInu5xpYL1X7gZfz22IRDvRYyXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNdv0oCIhs6rK5diAr2cuDiBP7AKB7PfhF2OQsiKdO1qot60uhbowvnCr%2FxveY%2BgO9g1vFZtkrGLQp7UaCOH5TfI%2BPqZwf9qvNaKQwV8j1fHzStdwGS%2Fp1c0xsHcB4lfsC%2FcCFkrqVhtIfr4"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6d4308a909f30f86-MXP
cf-bgj
imgq:85,h2pri
6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
assets.ad4m.at/product_image/ Frame A783 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=FQtvKA==, md5=fhrs2Vg2w7QpQT0tLI6VHw==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49601
cf-polished
origFmt=png, origSize=128410
x-guploader-uploadid
ADPycdtEpPNcma4cKbilKLkTQte2CMgku8z6XEw-8yisuRMR5rbl6-FyaOXqWzI9Be8rYEjMV3hUE1ELXLprd8GKpuNCuR_6Ng
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73694
last-modified
Fri, 10 Dec 2021 12:01:51 GMT
server
cloudflare
etag
"7e1aecd95836c3b429413d2d2c8e951f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKQqUX6Hx52LlMKorNGO4Rbu5zR4p2O66YAfP7V8k2EAu983nfjQdcOQP4GF8FhuHKSAKFe8BrKYlNZPaW929KTAhwRb0lN9Tunkdbqy9PtbGy%2B5Ck2QDiwc4CYw70LjvJZ0bZhHtjySGBhm"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639137711863674
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
128410
accept-ranges
bytes
cf-ray
6d4308a909f40f86-MXP
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 6D99 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19483%2C167497&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5M%2CDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2Ck7pH5f3fWpxT4HwHetmCVVWfZSjTrxtqYb%2CdqAtEfkfpYZjSEHjHwtqCbb1aeS4TWeTXPd&c=160&d=600&e=wFg1TKgdUyDNmyb4MeGa-6UnZHcCea7j&g=4904e8c6482ea07a38392da15d113669%2F12172818134907883766&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547484&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsfygtxq6533k6xcz02djc31zbkd6qvn89mnj3afyz668bwkngn99vwgbakcf7ynm72hf41f1kxcfnkh0mhatxfd5g257f8rwz84n9rzcj7ky5w3p8xznc6ayxw708chpxgnwn735jsa69x188ssgv1f0mg1msem8k46x91g9e7hr73z5pcqezybqcdverysejp7tettbg67kd5dcdvmvyhwab6xr02g8z4y41fkjn5ezcet058z2rxnqdc0t3gkn27aw17kcfmay6bgv60teze%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15579%2C19483%2C167497&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5M%2CDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2Ck7pH5f3fWpxT4HwHetmCVVWfZSjTrxtqYb%2CdqAtEfkfpYZjSEHjHwtqCbb1aeS4TWeTXPd&c=160&d=600&e=wFg1TKgdUyDNmyb4MeGa-6UnZHcCea7j&g=4904e8c6482ea07a38392da15d113669%2F12172818134907883766&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547484&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsfygtxq6533k6xcz02djc31zbkd6qvn89mnj3afyz668bwkngn99vwgbakcf7ynm72hf41f1kxcfnkh0mhatxfd5g257f8rwz84n9rzcj7ky5w3p8xznc6ayxw708chpxgnwn735jsa69x188ssgv1f0mg1msem8k46x91g9e7hr73z5pcqezybqcdverysejp7tettbg67kd5dcdvmvyhwab6xr02g8z4y41fkjn5ezcet058z2rxnqdc0t3gkn27aw17kcfmay6bgv60teze%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
83241
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 26 Jan 2022 16:25:06 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6d4308a8e9e359e3-MXP
cf-bgj
minify
A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 6D99 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19483%2C167497&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5M%2CDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2Ck7pH5f3fWpxT4HwHetmCVVWfZSjTrxtqYb%2CdqAtEfkfpYZjSEHjHwtqCbb1aeS4TWeTXPd&c=160&d=600&e=wFg1TKgdUyDNmyb4MeGa-6UnZHcCea7j&g=4904e8c6482ea07a38392da15d113669%2F12172818134907883766&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547484&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsfygtxq6533k6xcz02djc31zbkd6qvn89mnj3afyz668bwkngn99vwgbakcf7ynm72hf41f1kxcfnkh0mhatxfd5g257f8rwz84n9rzcj7ky5w3p8xznc6ayxw708chpxgnwn735jsa69x188ssgv1f0mg1msem8k46x91g9e7hr73z5pcqezybqcdverysejp7tettbg67kd5dcdvmvyhwab6xr02g8z4y41fkjn5ezcet058z2rxnqdc0t3gkn27aw17kcfmay6bgv60teze%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45783
cf-polished
origFmt=png, origSize=26777
x-guploader-uploadid
ADPycdsuu9a549VSE_Xovfrah0hysziYcBbf860_R28JtFFoVYvN8su3T4T7bTKNYTkhHu6_wBaM82wAD8PBuny3NVJyjf-eTQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15238
last-modified
Tue, 07 Jul 2020 09:20:40 GMT
server
cloudflare
etag
"018a5f3736332bfa050998ec8f72beb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qFrf13cXql1dFdU9avh7HGY%2FLoaHFv%2BbQGk5KL0WLO4JKi32waAqUtF1RgK5h%2BdQQ3ppdzGAeG9Bikqu3wnM8Ezg9HlYQr6TGX1xe4S4s%2FLs%2FwXje0BKEY8oq9lc9VYBRszmQwZFRkMWUky"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1594113640078278
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
26777
accept-ranges
bytes
cf-ray
6d4308a8e9a00f86-MXP
cf-bgj
imgq:85,h2pri
CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
assets.ad4m.at/product_image/ Frame 6D99 		382 KB
383 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19483%2C167497&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5M%2CDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2Ck7pH5f3fWpxT4HwHetmCVVWfZSjTrxtqYb%2CdqAtEfkfpYZjSEHjHwtqCbb1aeS4TWeTXPd&c=160&d=600&e=wFg1TKgdUyDNmyb4MeGa-6UnZHcCea7j&g=4904e8c6482ea07a38392da15d113669%2F12172818134907883766&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547484&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsfygtxq6533k6xcz02djc31zbkd6qvn89mnj3afyz668bwkngn99vwgbakcf7ynm72hf41f1kxcfnkh0mhatxfd5g257f8rwz84n9rzcj7ky5w3p8xznc6ayxw708chpxgnwn735jsa69x188ssgv1f0mg1msem8k46x91g9e7hr73z5pcqezybqcdverysejp7tettbg67kd5dcdvmvyhwab6xr02g8z4y41fkjn5ezcet058z2rxnqdc0t3gkn27aw17kcfmay6bgv60teze%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=d5mymQ==, md5=bWiWSMa0+LV8pKw7Fyjaew==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
589799
cf-polished
origFmt=png, origSize=588465
x-guploader-uploadid
ADPycdu7ATs-vQEpbIFGLkYK567EayoHdnwYbdPA_PHwQbkujMpCkEJOTbXfrgzzWyqBhKjpgBUJtOM4nVygVbDLITM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
391402
last-modified
Fri, 22 Oct 2021 09:31:50 GMT
server
cloudflare
etag
"6d689648c6b4f8b57ca4ac3b1728da7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULXY92vFjLhMHJGpXcGZs8NP61KUjHUvm%2FXiDTgif15a4O%2F2UvMNMcmSVNuKhQLT3ahvjqg8%2Fy5E23xxShHG5ZbAOoX6KgNj9BnDlMJp9obIjqGcaZNr6oVAFcV2ulVEOwY7O%2B7kD%2Bo%2FMHL%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634895110632642
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
588465
accept-ranges
bytes
cf-ray
6d4308a909f50f86-MXP
cf-bgj
imgq:85,h2pri
view.aspx
pb.media01.eu/ Frame 6D99
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATK...
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Ne...
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19483%2C167497&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5M%2CDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2Ck7pH5f3fWpxT4HwHetmCVVWfZSjTrxtqYb%2CdqAtEfkfpYZjSEHjHwtqCbb1aeS4TWeTXPd&c=160&d=600&e=wFg1TKgdUyDNmyb4MeGa-6UnZHcCea7j&g=4904e8c6482ea07a38392da15d113669%2F12172818134907883766&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547484&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsfygtxq6533k6xcz02djc31zbkd6qvn89mnj3afyz668bwkngn99vwgbakcf7ynm72hf41f1kxcfnkh0mhatxfd5g257f8rwz84n9rzcj7ky5w3p8xznc6ayxw708chpxgnwn735jsa69x188ssgv1f0mg1msem8k46x91g9e7hr73z5pcqezybqcdverysejp7tettbg67kd5dcdvmvyhwab6xr02g8z4y41fkjn5ezcet058z2rxnqdc0t3gkn27aw17kcfmay6bgv60teze%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 27 Jan 2022 04:32:27 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 15:32:27 GMT
Server
nginx/1.17.5
X-IPLB-Request-ID
C11B0E24:D6E8_91EFC182:01BB_61F2BB0B_1169DBA9:4416
X-Powered-By
PHP/7.2.21
X-IPLB-Instance
40027
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=UTF-8
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=
Cache-control
private
Access-Control-Allow-Origin
*
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive
timeout=20
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 6D99 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19483%2C167497&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5M%2CDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2Ck7pH5f3fWpxT4HwHetmCVVWfZSjTrxtqYb%2CdqAtEfkfpYZjSEHjHwtqCbb1aeS4TWeTXPd&c=160&d=600&e=wFg1TKgdUyDNmyb4MeGa-6UnZHcCea7j&g=4904e8c6482ea07a38392da15d113669%2F12172818134907883766&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547484&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsfygtxq6533k6xcz02djc31zbkd6qvn89mnj3afyz668bwkngn99vwgbakcf7ynm72hf41f1kxcfnkh0mhatxfd5g257f8rwz84n9rzcj7ky5w3p8xznc6ayxw708chpxgnwn735jsa69x188ssgv1f0mg1msem8k46x91g9e7hr73z5pcqezybqcdverysejp7tettbg67kd5dcdvmvyhwab6xr02g8z4y41fkjn5ezcet058z2rxnqdc0t3gkn27aw17kcfmay6bgv60teze%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
848990
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycduM9AvfNdV9xvBaiWZHK7hspyW3iZEGLiptYpUzsTm0zx0Qjh3aCoHlxFI3nuJNS2Y8m7i_QUS3RhfpE0EKheU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkfsZbLRQmH08nckYdLuGWgxE7a1OLwMrIWFZJF8KaAjqOxUxVnZ0gtXRk5gSpGrOz47K0afskseVPpGfsTqaWdB44JRwfam4ET71VyE9fnF%2B8lNqYVE3DqxNxi%2BhIq2R8KygGI7SiKoJBOd"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6d4308a909fa0f86-MXP
cf-bgj
imgq:85,h2pri
C0E2E65BC4D69E2C5F9D514A5041B6B0AE0E5BB863260C3B30D59861DF186AFE1011A812913038724AE6F6D9126CEA97123592CC0CACE3B08B0DF96C2064CD70
assets.ad4m.at/ Frame 6D99 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/C0E2E65BC4D69E2C5F9D514A5041B6B0AE0E5BB863260C3B30D59861DF186AFE1011A812913038724AE6F6D9126CEA97123592CC0CACE3B08B0DF96C2064CD70
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19483%2C167497&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5M%2CDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2Ck7pH5f3fWpxT4HwHetmCVVWfZSjTrxtqYb%2CdqAtEfkfpYZjSEHjHwtqCbb1aeS4TWeTXPd&c=160&d=600&e=wFg1TKgdUyDNmyb4MeGa-6UnZHcCea7j&g=4904e8c6482ea07a38392da15d113669%2F12172818134907883766&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547484&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsfygtxq6533k6xcz02djc31zbkd6qvn89mnj3afyz668bwkngn99vwgbakcf7ynm72hf41f1kxcfnkh0mhatxfd5g257f8rwz84n9rzcj7ky5w3p8xznc6ayxw708chpxgnwn735jsa69x188ssgv1f0mg1msem8k46x91g9e7hr73z5pcqezybqcdverysejp7tettbg67kd5dcdvmvyhwab6xr02g8z4y41fkjn5ezcet058z2rxnqdc0t3gkn27aw17kcfmay6bgv60teze%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34be38d133fe32063b42903021ab00b51e6ba9190777a9a331a323295e8cc4b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=Pv/FNg==, md5=webz2VYvtsFrTnTrxC/AHQ==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44185
cf-polished
qual=85, origFmt=jpeg, origSize=44231
x-guploader-uploadid
ADPycdsfKSdwcKPSF5hnweUlrVez2IGi-TLTFkMRriwUV2RcU5fpRdMn4Ilf6lXmKtEngpXSF-l0bpKcygaTGg0gxe4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18262
last-modified
Wed, 05 Feb 2020 14:11:28 GMT
server
cloudflare
etag
"c1e6f3d9562fb6c16b4e74ebc42fc01d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bc9NaexLZtbSAlpvNzCebQnl%2F58%2FNobWdHoFAyS8acfNkkFTpzxnBFvtnBBITzYBzgaPiyz2oCGw1ElCNelRhYAgSymcXoOrb0fLxxDD0nSQIgpAgVUUN4DfTCfssXbx6%2FPf8mVrgipwp0pj"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1580911888990293
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44231
accept-ranges
bytes
cf-ray
6d4308a909fd0f86-MXP
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame 6D99
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5Moneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5Moneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_con...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043423X117679V1226132702MSoneidKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5Moneid__asuidwFg1TK...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043423X117679V1226132702MSoneidKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5Moneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&spid=2022012716322762824043423X117679V1226132702MSoneidKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5Moneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&wfid=117679
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19483%2C167497&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5M%2CDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2Ck7pH5f3fWpxT4HwHetmCVVWfZSjTrxtqYb%2CdqAtEfkfpYZjSEHjHwtqCbb1aeS4TWeTXPd&c=160&d=600&e=wFg1TKgdUyDNmyb4MeGa-6UnZHcCea7j&g=4904e8c6482ea07a38392da15d113669%2F12172818134907883766&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547484&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsfygtxq6533k6xcz02djc31zbkd6qvn89mnj3afyz668bwkngn99vwgbakcf7ynm72hf41f1kxcfnkh0mhatxfd5g257f8rwz84n9rzcj7ky5w3p8xznc6ayxw708chpxgnwn735jsa69x188ssgv1f0mg1msem8k46x91g9e7hr73z5pcqezybqcdverysejp7tettbg67kd5dcdvmvyhwab6xr02g8z4y41fkjn5ezcet058z2rxnqdc0t3gkn27aw17kcfmay6bgv60teze%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:28 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043423X117679V1226132702MSoneidKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5Moneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&spid=2022012716322762824043423X117679V1226132702MSoneidKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5Moneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&wfid=117679
date
Thu, 27 Jan 2022 15:32:27 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 6D99 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19483%2C167497&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5M%2CDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2Ck7pH5f3fWpxT4HwHetmCVVWfZSjTrxtqYb%2CdqAtEfkfpYZjSEHjHwtqCbb1aeS4TWeTXPd&c=160&d=600&e=wFg1TKgdUyDNmyb4MeGa-6UnZHcCea7j&g=4904e8c6482ea07a38392da15d113669%2F12172818134907883766&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547484&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsfygtxq6533k6xcz02djc31zbkd6qvn89mnj3afyz668bwkngn99vwgbakcf7ynm72hf41f1kxcfnkh0mhatxfd5g257f8rwz84n9rzcj7ky5w3p8xznc6ayxw708chpxgnwn735jsa69x188ssgv1f0mg1msem8k46x91g9e7hr73z5pcqezybqcdverysejp7tettbg67kd5dcdvmvyhwab6xr02g8z4y41fkjn5ezcet058z2rxnqdc0t3gkn27aw17kcfmay6bgv60teze%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590655
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdvDu0ZG_H-KdZmTmbyrf0vRxzfx2_WqhJ-AFdZQBSA7JDqFD4ULe-Sp8-YU62RxOVMBMC4ycMJYte-tPVsH7g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4vJMCavWH%2B0R9WVL%2F99CBB2qR%2BsWdgWhwtQ%2BlyThtV%2B%2F8Ol3uDw0JzvEuyGskt33el1rSWPmG3FFoXaq%2BBPzE7gwBdJ2mWfWexuK92JwfA777HGFk4mqDqLvGsT%2BYEH8JM899oHAQu3yXdg"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6d4308a909fe0f86-MXP
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame 6D99 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19483%2C167497&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5M%2CDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2Ck7pH5f3fWpxT4HwHetmCVVWfZSjTrxtqYb%2CdqAtEfkfpYZjSEHjHwtqCbb1aeS4TWeTXPd&c=160&d=600&e=wFg1TKgdUyDNmyb4MeGa-6UnZHcCea7j&g=4904e8c6482ea07a38392da15d113669%2F12172818134907883766&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547484&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsfygtxq6533k6xcz02djc31zbkd6qvn89mnj3afyz668bwkngn99vwgbakcf7ynm72hf41f1kxcfnkh0mhatxfd5g257f8rwz84n9rzcj7ky5w3p8xznc6ayxw708chpxgnwn735jsa69x188ssgv1f0mg1msem8k46x91g9e7hr73z5pcqezybqcdverysejp7tettbg67kd5dcdvmvyhwab6xr02g8z4y41fkjn5ezcet058z2rxnqdc0t3gkn27aw17kcfmay6bgv60teze%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53584
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdv1pOZ38z7WSc-OsdthhqgMUHQutBUdl10-Bkhg3rponwc2nRqtR8NSLRaizwwZkSsA7drdP3XaGJsa9OE8toUm4Q6Oag
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyQ2OYI70EAnkRN4kufhxZIwBKxoay3SbSS1hcLuEyZWc0VYOWr%2BkuIlxPqF5%2Fz3GHIqbjqKpZzlNAp5WFtATpt7xSFA85J%2F5utkTNSqs1hfUpxqQCJhwWknUXQaKnjjrZPNJL3%2BvrJldns6"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
6d4308a90a020f86-MXP
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame 6D99
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdp...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_co...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012716322762824043405X113752V1225131106MSoneidDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidwFg1TKg...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012716322762824043405X113752V1225131106MSoneidDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19483%2C167497&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CKg5SRfZfMPAT5HMHktPtBB4C7SATGbsD5M%2CDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2Ck7pH5f3fWpxT4HwHetmCVVWfZSjTrxtqYb%2CdqAtEfkfpYZjSEHjHwtqCbb1aeS4TWeTXPd&c=160&d=600&e=wFg1TKgdUyDNmyb4MeGa-6UnZHcCea7j&g=4904e8c6482ea07a38392da15d113669%2F12172818134907883766&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547484&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsfygtxq6533k6xcz02djc31zbkd6qvn89mnj3afyz668bwkngn99vwgbakcf7ynm72hf41f1kxcfnkh0mhatxfd5g257f8rwz84n9rzcj7ky5w3p8xznc6ayxw708chpxgnwn735jsa69x188ssgv1f0mg1msem8k46x91g9e7hr73z5pcqezybqcdverysejp7tettbg67kd5dcdvmvyhwab6xr02g8z4y41fkjn5ezcet058z2rxnqdc0t3gkn27aw17kcfmay6bgv60teze%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_2fVCbvyYeSQA8KaYvD7pJACkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpAlRb0v7BubI-qAMBqgTcAU_QefjBfHBZ7P0ciZdU5f1sR7JUvmo8s6d-a9OUNj4F65lieX4_ei8gLefxJffFWUDa0B3SazAwGmCcRBQffGm_Y_qahul_jCNZSics-OyL5Zx0KZaDHnn0f3bR2qZZdPI52nS7zMQUtGru8jcR57k-pPLCEaFfv2YYr2xX9fznE3NLnKnsbA2qFm_yhvedrOkxuiYdsrG5CjY3R5eD6BPH7M0FYUBbovo570X-0EOuQc4uX6fiSRQyCCjww9n9XBunX0Un69arChxlCCqLHEtHr0h0jujBogodS3qABo3Ctu_zw5uxGKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y9G56804seRmLLFBqM-FiZMZ-Rw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:28 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012716322762824043405X113752V1225131106MSoneidDXEH3fwfGK84c3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidwFg1TKgdUyDNmyb4MeGa-6UnZHcCea7jasuid__suite_Netmix_Reach09_PRIVATKREDIT
date
Thu, 27 Jan 2022 15:32:27 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 04B2 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
83241
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 26 Jan 2022 16:25:06 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6d4308a8e9e459e3-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 04B2 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
848990
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycduM9AvfNdV9xvBaiWZHK7hspyW3iZEGLiptYpUzsTm0zx0Qjh3aCoHlxFI3nuJNS2Y8m7i_QUS3RhfpE0EKheU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkbOeMyuoO89swcQbLms1gvR9eUypTVr3Aq%2BhJcK7vYabAGxBPVUaMCnVJTx0MW7ygQHCddljs7jEZD%2BUeQxZcT8HUDKGVdpRyR1hZEEt%2BNO%2BqZjCIguIsgH%2B9LGOFotbkqy%2FxB07nOIZQ7a"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6d4308a8e9a70f86-MXP
cf-bgj
imgq:85,h2pri
1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
assets.ad4m.at/product_image/ Frame 04B2 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=dV1e1g==, md5=OdUvFkjawxXrzJxPpO1XKA==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
589719
cf-polished
qual=85, origFmt=jpeg, origSize=60655
x-guploader-uploadid
ADPycduYrV9GAWa5DmFHYrcXbJRCr5Ee5KbsqcGOzXLP7OkJBRnfWocjOsmjw8pe_xDH1vF-zZTSHKfr7o7k8BKud-k
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21982
last-modified
Fri, 11 Dec 2020 13:58:13 GMT
server
cloudflare
etag
"39d52f1648dac315ebcc9c4fa4ed5728"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQbSeUdp5am1ho1KZRGK1ObKr7M5KPAC%2FM8n%2FC2t7a4zpruBFsrq8ZAo59DpJyeO6HnjBVWP5Yrh%2BV8Puay2fJJpZ0LTHYVH%2B6sHrMljnBEQGSk3nquBKQaWAlZB0EvRXdjL5bjTF8%2F3wPwT"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1607695093714344
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
60655
accept-ranges
bytes
cf-ray
6d4308a91a080f86-MXP
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame 04B2
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidPJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCponeid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidPJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCponeid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043477X117679V1226132702MSoneidPJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCponeid__asuidZZxkDOc...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043477X117679V1226132702MSoneidPJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCponeid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022012716322762824043477X117679V1226132702MSoneidPJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCponeid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:28 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043477X117679V1226132702MSoneidPJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCponeid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022012716322762824043477X117679V1226132702MSoneidPJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCponeid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679
date
Thu, 27 Jan 2022 15:32:27 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 04B2 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590655
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdvDu0ZG_H-KdZmTmbyrf0vRxzfx2_WqhJ-AFdZQBSA7JDqFD4ULe-Sp8-YU62RxOVMBMC4ycMJYte-tPVsH7g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqBeLGWvfK3mXmR4pkUacYnlxIKE1PDNm7B57VJmfiNFTUeBdnbtg2X28O4juBXwwGAxleZ76Oh%2BRSF2HmyjYcm49YI3FOwsUzwg%2Bzx2tjfjmb%2FiQT3K7xQXFeDkq0DiLiuJOJM1tVtc2NEI"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6d4308a91a0d0f86-MXP
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame 04B2 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53584
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdv1pOZ38z7WSc-OsdthhqgMUHQutBUdl10-Bkhg3rponwc2nRqtR8NSLRaizwwZkSsA7drdP3XaGJsa9OE8toUm4Q6Oag
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S98L6VqjU9oNGLthhMgg6nvCZOcQawiduyJVMYVfVTIoWYpM79K9QurRJdfWpzLzultHkFmKNAESmJDXBbt3dlmbPqTHncckIhHAx7bopG2ICWx5d3G3vFd%2Bb4Py5XAOC8CQnerIyCYjM2WL"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
6d4308a91a0e0f86-MXP
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame 04B2
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012716322762824043409X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidZZxkDOcsK...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012716322762824043409X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:28 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012716322762824043409X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth
date
Thu, 27 Jan 2022 15:32:27 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 04B2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11338
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdvABLSSKGyO5Gf6pUAeN4ipXoXMvkKVJETOCjZTcx50j074PbRPhUJhYy-IUInu5xpYL1X7gZfz22IRDvRYyXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVywBtFkqF6DMTOgaeML8gIggXvHHW%2FRMBUbLXCoU93AbXYjoYIuDZRDbzh2zBr%2BWTcMP7WcvkBljTLl9NJ7jabVMf7Nlco0JbaxXSMsa2Wz6tty84LWBKGDdNjAoIwqv983oCGAEzg27vvY"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6d4308a91a100f86-MXP
cf-bgj
imgq:85,h2pri
6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
assets.ad4m.at/product_image/ Frame 04B2 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=FQtvKA==, md5=fhrs2Vg2w7QpQT0tLI6VHw==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49601
cf-polished
origFmt=png, origSize=128410
x-guploader-uploadid
ADPycdtEpPNcma4cKbilKLkTQte2CMgku8z6XEw-8yisuRMR5rbl6-FyaOXqWzI9Be8rYEjMV3hUE1ELXLprd8GKpuNCuR_6Ng
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73694
last-modified
Fri, 10 Dec 2021 12:01:51 GMT
server
cloudflare
etag
"7e1aecd95836c3b429413d2d2c8e951f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQs68secC8zE%2FolQWK9BkGVA8kA24VrYHVa%2F8ggGz6cpgRRohAVYkwd9ym9PSIyKQsNi76CCZN5QCHyiLecUlscnZJh8gkmWnl%2FEiElRkgYF8hblsNYeLo4CDzwAf6F3gtzCnIFJx7tXDcLw"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639137711863674
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
128410
accept-ranges
bytes
cf-ray
6d4308a91a120f86-MXP
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 7788 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C22925%2C166402&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYP%2CDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CXJjuzfrf9GXS6H4Het1CBBKCQSkTK2tKP4%2CdqAtEfkfpY4VUEHjHwtqCbb1aeS4TWeTXPd&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=90f26ad436358285c0ff2ee6b7510072%2F2290826803877213385&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547479&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4rvqedtm537dryyc3rkhxyqvp7eee72y5nq54s4d09amb4e4pmr6fzggjxgmwtkn2pqpfkkt341jr0zzrdmsjt5gnbzvr8gc7zp2nt4jy1m13fp4v605xmzd3a473m24757brtj9w6wh2h0wqavsa0120pxceeqgnjzkzbhp3bs1gmgvxfdg86khsgnwdm9m9mdnmptx252245589t1j03r2e4080wja5cqw4hag0gr06hz4f857dkx2kga5zeqtrsrvrqjhshvvdnb0k5gbp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15579%2C22925%2C166402&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYP%2CDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CXJjuzfrf9GXS6H4Het1CBBKCQSkTK2tKP4%2CdqAtEfkfpY4VUEHjHwtqCbb1aeS4TWeTXPd&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=90f26ad436358285c0ff2ee6b7510072%2F2290826803877213385&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547479&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4rvqedtm537dryyc3rkhxyqvp7eee72y5nq54s4d09amb4e4pmr6fzggjxgmwtkn2pqpfkkt341jr0zzrdmsjt5gnbzvr8gc7zp2nt4jy1m13fp4v605xmzd3a473m24757brtj9w6wh2h0wqavsa0120pxceeqgnjzkzbhp3bs1gmgvxfdg86khsgnwdm9m9mdnmptx252245589t1j03r2e4080wja5cqw4hag0gr06hz4f857dkx2kga5zeqtrsrvrqjhshvvdnb0k5gbp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
83241
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 26 Jan 2022 16:25:06 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6d4308a8e9ed59e3-MXP
cf-bgj
minify
A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 7788 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C22925%2C166402&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYP%2CDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CXJjuzfrf9GXS6H4Het1CBBKCQSkTK2tKP4%2CdqAtEfkfpY4VUEHjHwtqCbb1aeS4TWeTXPd&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=90f26ad436358285c0ff2ee6b7510072%2F2290826803877213385&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547479&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4rvqedtm537dryyc3rkhxyqvp7eee72y5nq54s4d09amb4e4pmr6fzggjxgmwtkn2pqpfkkt341jr0zzrdmsjt5gnbzvr8gc7zp2nt4jy1m13fp4v605xmzd3a473m24757brtj9w6wh2h0wqavsa0120pxceeqgnjzkzbhp3bs1gmgvxfdg86khsgnwdm9m9mdnmptx252245589t1j03r2e4080wja5cqw4hag0gr06hz4f857dkx2kga5zeqtrsrvrqjhshvvdnb0k5gbp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45783
cf-polished
origFmt=png, origSize=26777
x-guploader-uploadid
ADPycdsuu9a549VSE_Xovfrah0hysziYcBbf860_R28JtFFoVYvN8su3T4T7bTKNYTkhHu6_wBaM82wAD8PBuny3NVJyjf-eTQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15238
last-modified
Tue, 07 Jul 2020 09:20:40 GMT
server
cloudflare
etag
"018a5f3736332bfa050998ec8f72beb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjjNo9K4oeUCgR2zxlIMFeGcdPQjVIg0NcJyzmXnVD0KAN6W3JfzHi3geOm%2BPzXeyUsrIQLBS7D%2FxrVCstEaTGksFRIUmo%2BbIcb3g%2F7isUKVphs%2Fdy7B3QMGwkxNo1ZEi90IvYtCu2KJx2xx"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1594113640078278
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
26777
accept-ranges
bytes
cf-ray
6d4308a8e9a80f86-MXP
cf-bgj
imgq:85,h2pri
CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
assets.ad4m.at/product_image/ Frame 7788 		382 KB
383 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C22925%2C166402&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYP%2CDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CXJjuzfrf9GXS6H4Het1CBBKCQSkTK2tKP4%2CdqAtEfkfpY4VUEHjHwtqCbb1aeS4TWeTXPd&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=90f26ad436358285c0ff2ee6b7510072%2F2290826803877213385&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547479&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4rvqedtm537dryyc3rkhxyqvp7eee72y5nq54s4d09amb4e4pmr6fzggjxgmwtkn2pqpfkkt341jr0zzrdmsjt5gnbzvr8gc7zp2nt4jy1m13fp4v605xmzd3a473m24757brtj9w6wh2h0wqavsa0120pxceeqgnjzkzbhp3bs1gmgvxfdg86khsgnwdm9m9mdnmptx252245589t1j03r2e4080wja5cqw4hag0gr06hz4f857dkx2kga5zeqtrsrvrqjhshvvdnb0k5gbp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=d5mymQ==, md5=bWiWSMa0+LV8pKw7Fyjaew==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
589799
cf-polished
origFmt=png, origSize=588465
x-guploader-uploadid
ADPycdu7ATs-vQEpbIFGLkYK567EayoHdnwYbdPA_PHwQbkujMpCkEJOTbXfrgzzWyqBhKjpgBUJtOM4nVygVbDLITM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
391402
last-modified
Fri, 22 Oct 2021 09:31:50 GMT
server
cloudflare
etag
"6d689648c6b4f8b57ca4ac3b1728da7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9re3viRYQgAG%2BlnrE1Qa5YQyocwcimqYvH3FJf%2FZGu6onbMr8AEr29BB%2BaZWkXLrACj5BAUouFqnNvJiO3dYD7C3jGbY5hk3nQZOzF2C3DaWxa6Os%2Fgq2ty78A%2B6wrXLK9ST80AO87hQcbH"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634895110632642
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
588465
accept-ranges
bytes
cf-ray
6d4308a91a130f86-MXP
cf-bgj
imgq:85,h2pri
view.aspx
pb.media01.eu/ Frame 7788
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATK...
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Ne...
0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C22925%2C166402&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYP%2CDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CXJjuzfrf9GXS6H4Het1CBBKCQSkTK2tKP4%2CdqAtEfkfpY4VUEHjHwtqCbb1aeS4TWeTXPd&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=90f26ad436358285c0ff2ee6b7510072%2F2290826803877213385&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547479&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4rvqedtm537dryyc3rkhxyqvp7eee72y5nq54s4d09amb4e4pmr6fzggjxgmwtkn2pqpfkkt341jr0zzrdmsjt5gnbzvr8gc7zp2nt4jy1m13fp4v605xmzd3a473m24757brtj9w6wh2h0wqavsa0120pxceeqgnjzkzbhp3bs1gmgvxfdg86khsgnwdm9m9mdnmptx252245589t1j03r2e4080wja5cqw4hag0gr06hz4f857dkx2kga5zeqtrsrvrqjhshvvdnb0k5gbp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 27 Jan 2022 04:32:27 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 15:32:27 GMT
Server
nginx/1.17.5
X-IPLB-Request-ID
C11B0E24:D6F4_91EFC182:01BB_61F2BB0B_11723B38:297E8
X-Powered-By
PHP/7.2.21
X-IPLB-Instance
40028
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=UTF-8
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=
Cache-control
private
Access-Control-Allow-Origin
*
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive
timeout=20
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 7788 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C22925%2C166402&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYP%2CDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CXJjuzfrf9GXS6H4Het1CBBKCQSkTK2tKP4%2CdqAtEfkfpY4VUEHjHwtqCbb1aeS4TWeTXPd&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=90f26ad436358285c0ff2ee6b7510072%2F2290826803877213385&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547479&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4rvqedtm537dryyc3rkhxyqvp7eee72y5nq54s4d09amb4e4pmr6fzggjxgmwtkn2pqpfkkt341jr0zzrdmsjt5gnbzvr8gc7zp2nt4jy1m13fp4v605xmzd3a473m24757brtj9w6wh2h0wqavsa0120pxceeqgnjzkzbhp3bs1gmgvxfdg86khsgnwdm9m9mdnmptx252245589t1j03r2e4080wja5cqw4hag0gr06hz4f857dkx2kga5zeqtrsrvrqjhshvvdnb0k5gbp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
848990
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycduM9AvfNdV9xvBaiWZHK7hspyW3iZEGLiptYpUzsTm0zx0Qjh3aCoHlxFI3nuJNS2Y8m7i_QUS3RhfpE0EKheU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkVBQQJZsEPpzafwxU4u2Ece9NsC2dh8vV4ccrT031XIKHGzh9ylLRbtFHXL3HWokzo2HCdKQtG57emW8XdnVVjCC4QE3hxxWh%2BdgHWhzd4GnLfdEmIOsBpe5oEyk8T3Wl8wHHjtGRDBgPlM"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6d4308a91a140f86-MXP
cf-bgj
imgq:85,h2pri
6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
assets.ad4m.at/product_image/ Frame 7788 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C22925%2C166402&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYP%2CDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CXJjuzfrf9GXS6H4Het1CBBKCQSkTK2tKP4%2CdqAtEfkfpY4VUEHjHwtqCbb1aeS4TWeTXPd&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=90f26ad436358285c0ff2ee6b7510072%2F2290826803877213385&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547479&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4rvqedtm537dryyc3rkhxyqvp7eee72y5nq54s4d09amb4e4pmr6fzggjxgmwtkn2pqpfkkt341jr0zzrdmsjt5gnbzvr8gc7zp2nt4jy1m13fp4v605xmzd3a473m24757brtj9w6wh2h0wqavsa0120pxceeqgnjzkzbhp3bs1gmgvxfdg86khsgnwdm9m9mdnmptx252245589t1j03r2e4080wja5cqw4hag0gr06hz4f857dkx2kga5zeqtrsrvrqjhshvvdnb0k5gbp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c4ce8d34a9daa60952a5e3c77f6a430e87ef15ad67d03105131dcdeb04131d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=xKcLcA==, md5=LqUh6dMvJZgb+FCIIELoIQ==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
589705
cf-polished
qual=85, origFmt=jpeg, origSize=29501
x-guploader-uploadid
ADPycdsC98ub_jiOl1gKjLZ70virfL4ycstykiTFlt7tdOdaxpOpB9Rx6Jkl4YLiusrcPEH5vurhU13ykPd4XvU2ObE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15016
last-modified
Mon, 06 Apr 2020 13:24:35 GMT
server
cloudflare
etag
"2ea521e9d32f25981bf850882042e821"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PLAhrLU8hADQTRz5RVd41Nn%2FMZXsj7kbpbI2Co0Bh70VIY0etk1%2Bn6lLMmrIdBXGxzAN6jduxsPV7c4f6pF5c9f2Qe7ng%2FgjQ3HOgn1GD%2BaJoqEijcTHPTrlA5wHqhY3QnGkqpvydC8Cn%2BH"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1586179475532187
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
29501
accept-ranges
bytes
cf-ray
6d4308a91a170f86-MXP
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame 7788
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYPoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYPoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_con...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043415X117679V1226132702MSoneid6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYPoneid__asuidXipVTH...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043415X117679V1226132702MSoneid6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYPoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&spid=2022012716322762824043415X117679V1226132702MSoneid6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYPoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&wfid=117679
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C22925%2C166402&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYP%2CDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CXJjuzfrf9GXS6H4Het1CBBKCQSkTK2tKP4%2CdqAtEfkfpY4VUEHjHwtqCbb1aeS4TWeTXPd&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=90f26ad436358285c0ff2ee6b7510072%2F2290826803877213385&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547479&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4rvqedtm537dryyc3rkhxyqvp7eee72y5nq54s4d09amb4e4pmr6fzggjxgmwtkn2pqpfkkt341jr0zzrdmsjt5gnbzvr8gc7zp2nt4jy1m13fp4v605xmzd3a473m24757brtj9w6wh2h0wqavsa0120pxceeqgnjzkzbhp3bs1gmgvxfdg86khsgnwdm9m9mdnmptx252245589t1j03r2e4080wja5cqw4hag0gr06hz4f857dkx2kga5zeqtrsrvrqjhshvvdnb0k5gbp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:28 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022012716322762824043415X117679V1226132702MSoneid6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYPoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&spid=2022012716322762824043415X117679V1226132702MSoneid6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYPoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&wfid=117679
date
Thu, 27 Jan 2022 15:32:27 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 7788 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C22925%2C166402&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYP%2CDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CXJjuzfrf9GXS6H4Het1CBBKCQSkTK2tKP4%2CdqAtEfkfpY4VUEHjHwtqCbb1aeS4TWeTXPd&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=90f26ad436358285c0ff2ee6b7510072%2F2290826803877213385&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547479&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4rvqedtm537dryyc3rkhxyqvp7eee72y5nq54s4d09amb4e4pmr6fzggjxgmwtkn2pqpfkkt341jr0zzrdmsjt5gnbzvr8gc7zp2nt4jy1m13fp4v605xmzd3a473m24757brtj9w6wh2h0wqavsa0120pxceeqgnjzkzbhp3bs1gmgvxfdg86khsgnwdm9m9mdnmptx252245589t1j03r2e4080wja5cqw4hag0gr06hz4f857dkx2kga5zeqtrsrvrqjhshvvdnb0k5gbp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590655
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdvDu0ZG_H-KdZmTmbyrf0vRxzfx2_WqhJ-AFdZQBSA7JDqFD4ULe-Sp8-YU62RxOVMBMC4ycMJYte-tPVsH7g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZAlPoQR8dk8%2BtBtcJN4PbDd7QaAC0d23T9Wb4RXixTsQ0cPKjpb3KvMVsBhvcg3NI9RyHgLfuhqrTbRsKoc7YeD%2Fy1NrAyhCXj2Nnad2OJUr54tEOXQiRQQrHWaQFockdUl8f11lXYH7%2B6E"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6d4308a91a180f86-MXP
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame 7788 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C22925%2C166402&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYP%2CDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CXJjuzfrf9GXS6H4Het1CBBKCQSkTK2tKP4%2CdqAtEfkfpY4VUEHjHwtqCbb1aeS4TWeTXPd&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=90f26ad436358285c0ff2ee6b7510072%2F2290826803877213385&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547479&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4rvqedtm537dryyc3rkhxyqvp7eee72y5nq54s4d09amb4e4pmr6fzggjxgmwtkn2pqpfkkt341jr0zzrdmsjt5gnbzvr8gc7zp2nt4jy1m13fp4v605xmzd3a473m24757brtj9w6wh2h0wqavsa0120pxceeqgnjzkzbhp3bs1gmgvxfdg86khsgnwdm9m9mdnmptx252245589t1j03r2e4080wja5cqw4hag0gr06hz4f857dkx2kga5zeqtrsrvrqjhshvvdnb0k5gbp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53584
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdv1pOZ38z7WSc-OsdthhqgMUHQutBUdl10-Bkhg3rponwc2nRqtR8NSLRaizwwZkSsA7drdP3XaGJsa9OE8toUm4Q6Oag
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcE9d6vqq4p6CzHHG9cn07cdNsn07eNXeH4TJ6KPnRz5WWo2EBKMsZaKVq9JBY34bsTnfPpyTtwd8WRNQ3EpKD4VEoXz2eD2g4l%2FytLa8TAlnxW%2Bb9CnSiZCnLMKUg9sbOKTz1LGp2mguLeJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Fri, 28 Jan 2022 15:32:27 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
6d4308a91a190f86-MXP
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame 7788
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdp...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_co...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012716322762824043473X113752V1225131106MSoneidDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidXipVTH5...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012716322762824043473X113752V1225131106MSoneidDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C22925%2C166402&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2C6qxtef3fK8VueHmHYtktWW8aYS1TqxTVYP%2CDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQE&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CXJjuzfrf9GXS6H4Het1CBBKCQSkTK2tKP4%2CdqAtEfkfpY4VUEHjHwtqCbb1aeS4TWeTXPd&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=90f26ad436358285c0ff2ee6b7510072%2F2290826803877213385&i=26474%2C20774%2C20773&j=41%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643297547479&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4rvqedtm537dryyc3rkhxyqvp7eee72y5nq54s4d09amb4e4pmr6fzggjxgmwtkn2pqpfkkt341jr0zzrdmsjt5gnbzvr8gc7zp2nt4jy1m13fp4v605xmzd3a473m24757brtj9w6wh2h0wqavsa0120pxceeqgnjzkzbhp3bs1gmgvxfdg86khsgnwdm9m9mdnmptx252245589t1j03r2e4080wja5cqw4hag0gr06hz4f857dkx2kga5zeqtrsrvrqjhshvvdnb0k5gbp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cPOCLvyYaT3KKuV7AOV24vAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQKL7e1ZnreyPqgDAaoE3AFP0FAUIAJh3JfrJ8QvIjikFhArLirNIJc3rGq-UyPX3-9Bp7c-INMXDJDMZMbso5kBLVWKaZHpfQ9VeO2CIAopJ0uhUeArI9syR48kFQDkG6k5DAFFIm5MDABXhHNd6XahzG18ebawsyS2z-PGDrRKra3uk1uGUkFgXBAbKJ1XGqjaXVSUvwxYb6LHJpcKDdr1liyyFyQFlVaXLNUdkZMrFxduA5i9DzKL9X5gNWvm4jFm6hENkueUekThJugr_jt-L96HxLx5o-vnIV1zONqhJFUdWbyyPFPkDHkMgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dzwWSQurNCrKN39uLrBI2juo3ew%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:28 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012716322762824043473X113752V1225131106MSoneidDXEH3fwfGKbkF3HmH9t1tZZ9TxSmT8jsRQEoneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach09_PRIVATKREDIT
date
Thu, 27 Jan 2022 15:32:27 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
/
5h3oyhv838.com/json/ 		53 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://5h3oyhv838.com/json/?user_id=f6458896-c4c0-4f95-8d76-e7e30490e045&site_id=7221&blocks=6944%2C610%2012512%2C300%208032%2C300
Requested by
Host: 5h3oyhv838.com
URL: https://5h3oyhv838.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
09ff7a73860aa084bfaeadf5a01030f460be8a06aba876c9c5fa576324e3d58e

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:27 GMT
content-encoding
gzip
x-adsbid-request
3358de7ce685ea493b07b3746bcb4308
vary
Accept-Encoding
server
nginx/1.18.0
content-type
text/plain; charset=utf-8
demography
prodmp.ru/pclicks/ 		3 B
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks/demography?domain=newsyou.info
Requested by
Host: pbkqidejmes.ru
URL: https://pbkqidejmes.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.95.134 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 27 Jan 2022 15:32:27 GMT
access-control-allow-credentials
true
server
nginx
content-length
3
content-type
application/json
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=f6458896-c4c0-4f95-8d76-e7e30490e045
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=b3f53ecb83dc4922a76105b3ef6cd724&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=9c4433cc-c82f-4416-9bab-dec64166040d&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=admixer&user_id=uXwZMl6SFCi-KvgXXX_90
  • https://inv-nets.admixer.net/bs/cm.aspx?id=9c4433cc-c82f-4416-9bab-dec64166040d&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=9c4433cc-c82f-4416-9bab-dec64166040d&gdpr=&consent=&gdpr_pd=
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
HTTP/1.1
Server
204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 15:32:29 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=9c4433cc-c82f-4416-9bab-dec64166040d&gdpr=&consent=&gdpr_pd=
Date
Thu, 27 Jan 2022 15:32:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
c.mgid.com/pv/ 		0
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=164329754768446823753&uniqId=0fd90&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fzevayushhij-kot-stal-novoj-zvezdoj-seti-video%20&lu=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&sessionId=61f2bb0c-13d4a&pageView=1&pvid=17e9c2aa5a4b08f1d21&site=413933&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d4308a90fc39262-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-encoding
br
cf-cache-status
HIT
age
6585
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
563Q182XKKBGBPYA
x-amz-id-2
bdPUe4HjGqrAVg8eEZZYoC6KD28ITcgPDbSbHjAUGcQb3btZBQnFND4c/5y2yIgUVrant8QWGnY=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6d4308a978b39262-FRA
expires
Fri, 28 Jan 2022 15:32:27 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
content-encoding
br
cf-cache-status
HIT
age
6587
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G7XVAWHV2A1TM5YQ
x-amz-id-2
YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6d4308a978b89262-FRA
expires
Fri, 28 Jan 2022 15:32:27 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:59:48 GMT
x-content-type-options
nosniff
age
160359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16692
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:32:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 18:59:48 GMT
i
adrta.com/ Frame 4C7A 		15 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=30435033&__aasv=22.91&__aaii=11442800018424909526&__aait=1643297546078&__aasi=4491133257881073890&__aast=1643297545790&__aavi=14720117110642207430&__aavt=1643297545790&__aavz=0&__aaib=1&__aaai=1&__aaaa=0&__aafl=1200&__aaaf=1&__aaag=1&__aahd=%7B%22chrome%22%3A1%7D&__aarf=7&__aart=481&__aacd=1&__aaax=330&__aaay=6095&__aasz=300x250&__aapf=1&__aaec=4&__aaup=2&__aaat=0&__aaae=0&__aaav=0&__aaas=572&__aaah=0&__aapc=200&__aaph=8152&__aapw=1600&__aap1=0.736&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=540a1a6698863406949aa8eb7df496f4&__aaxf=193.27.14.36%2C%2010.1.4.118&__aaci=bzk&paid=bzk&avid=244&caid=bsc_1378&plid=bscr_8069&publisherId=44025&siteId=54591fa12be3&priceBid=0.1&kv1=300x250&kv2=newsyou.info&kv3=8b1c0c87fe10580eec71bc2c068468ac01da1aa3&kv4=193.27.14.36&kv5=EU&kv6=newsyou.info&kv7=betweenx&kv10=null&kv11=88eb2961629a96e8d65cb59e4b4a75dd&kv12=4094193&kv15=DEU&kv16=50.1049&kv17=8.6295&kv18=null&kv19=null&kv23=null&kv24=Desktop_banner&kv25=newsyou.info&kv26=Windows&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&kv28=Other_Other&__aapu=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&__aapr=&__aatu=https%3A%2F%2Fnewsyou.info
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.81.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-81-196.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
cache-control
no-cache
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-type
text/javascript;charset=ISO-8859-1
content-length
15
expires
Thu, 01 Jan 1970 00:00:00 GMT
link.html
track.webgains.com/ Frame A783 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
60273e13fc866bcaee3b9ea5385ec5649ca2420ddb092ee8df6f8512908cad2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:28 GMT
Last-Modified
Thu, 27 Jan 2022 15:32:28 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1389
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 04B2 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
1bc8e321648b3d400244641084731d33402c21d92847d0c72ad7d4f762d0f7bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:28 GMT
Last-Modified
Thu, 27 Jan 2022 15:32:28 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1475
Expires
Mon, 26 Jul 1997 05:00:00 GMT
1
servicer.mgid.com/1122348/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1122348/1?pv=5&cbuster=164329754784598350578&uniqId=0fd90&niet=4g&nisd=false&jsv=es6&w=610&h=203&p3_w=197&p3_h=183&maxw_3=197&maxh_3=183&cols=3&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fzevayushhij-kot-stal-novoj-zvezdoj-seti-video%20&lu=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&sessionId=61f2bb0c-13d4a&pageView=1&pvid=17e9c2aa5a4b08f1d21&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
502b634866f59486b3fecdf629c3a92fb91612c02c1e93d6f056eb66528fe681

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d4308aa1a2a9262-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
enr
dmpprof.com/ 		2 B
352 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/enr?href=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE
Requested by
Host: pbkqidejmes.ru
URL: https://pbkqidejmes.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length
2
1
servicer.mgid.com/1127375/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1127375/1?w=300&h=250&p1_w=300&p1_h=250&maxw_1=300&maxh_1=250&cols=5&pv=5&cbuster=1643297547847598603115&uniqId=05117&childs=1145709&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fzevayushhij-kot-stal-novoj-zvezdoj-seti-video%20&lu=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&sessionId=61f2bb0c-13d4a&pageView=0&pvid=17e9c2aa5a4b08f1d21&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1127375.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2017cbe513d83844413f47b5bcdaefa9d7bf843cc23899999c51f6ad598d1c8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d4308aa1a2e9262-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1146775/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1146775/1?w=610&h=123&wrongImageSize=1&p3_w=197&p3_h=93&maxw_3=197&maxh_3=93&cols=3&pv=5&cbuster=164329754785114655393&uniqId=096a0&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fzevayushhij-kot-stal-novoj-zvezdoj-seti-video%20&lu=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&sessionId=61f2bb0c-13d4a&pageView=0&pvid=17e9c2aa5a4b08f1d21&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0eae84480a2a08525135edafc70eb7ef4011cf69a78a592ba103c3b13a0711c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d4308aa1a399262-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
internal
dmpprof.com/matching/ 		142 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=10&href=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&dmp_print_id=75f67d020a6c2c4561d1ca4670345b0a
Requested by
Host: pbkqidejmes.ru
URL: https://pbkqidejmes.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
98a24300b880ecccc7f78948d1ce5f1a070f00ec5d9b156bbc5c83d5992dffb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:27 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
142
1
servicer.mgid.com/1024868/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1024868/1?w=300&h=496&cols=1&pv=5&cbuster=1643297547869159969120&uniqId=04cb2&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fzevayushhij-kot-stal-novoj-zvezdoj-seti-video%20&lu=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&sessionId=61f2bb0c-13d4a&pageView=0&pvid=17e9c2aa5a4b08f1d21&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d68fa002da64c84f32aaee0e3ab5d5e7c8b97448f7028921497ba7e9d9753b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d4308aa3a9c9262-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
demography
prodmp.ru/pclicks/ 		3 B
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks/demography?domain=newsyou.info
Requested by
Host: pbkqidejmes.ru
URL: https://pbkqidejmes.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.95.134 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 27 Jan 2022 15:32:27 GMT
access-control-allow-credentials
true
server
nginx
content-length
3
content-type
application/json
1
servicer.mgid.com/1122348/ Frame D367 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1122348/1?w=610&h=203&p3_w=197&p3_h=183&maxw_3=197&maxh_3=183&cols=3&pv=5&cbuster=1643297547965272756018&uniqId=01789&niet=4g&nisd=false&jsv=es6&iframe=1&ref=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&cxurl=https%3A%2F%2Fnewsyou.info%2Fzevayushhij-kot-stal-novoj-zvezdoj-seti-video%20&lu=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&sessionId=61f2bb0c-13d4a&pageView=0&pvid=17e9c2aa5a4b08f1d21&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dde3293f8c39cc0652677137d24a8fc16ac011f895f19d0463eb5faded9c223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d4308aac97768e5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZjY4NDk0MDU2MDg5MzIwN...
s-img.mgid.com/g/11739841/492x277/-/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739841/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZjY4NDk0MDU2MDg5MzIwNGYwYWQ3NDkxOGU5NDc1NTAuanBlZw.webp?v=1643297547-GdDjhE97cMPJk0hxVgZ4D11MRa-w0JIsygILgOUe1b0
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd369a3da69be23d0a862675c6ee71e362404efc35c0c6d8fc8ab2881a01a00f

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
60788e43-c740-4e2b-adac-85e6508c9a29
age
198265
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ab3aa6914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19852
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMWU4OTYyMjJjMmMzNmY0Z...
s-img.mgid.com/g/11739868/492x277/-/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739868/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMWU4OTYyMjJjMmMzNmY0ZWRhMGM2MTNiZjk1Nzg4NzEuanBn.webp?v=1643297547-xAcCJuTLegvx6M6jFb5VewiIMeIUHpfXTdSKTMfwQw0
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2683f94ce8822ebc0d92d7c16c84ac4cddfb20b7c483cb4800e34fa16b47190

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:43 GMT
x-mg-request-uuid
867cbb96-88a6-4461-8951-43b7c8c2a78e
age
198265
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ab3aac914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21192
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvOGMzMTc0MWYzMjg0OWQwZ...
s-img.mgid.com/g/11739872/492x277/-/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739872/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvOGMzMTc0MWYzMjg0OWQwZDFhYmE2NTkzNWYyNDNiODgucG5n.webp?v=1643297547-w-s-WsA9JfBO6Pwe7Qp5QgyaTv4kwkibjILr-sLug3M
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4066c90f570d82554427cb534ec0d886d569f53c9d5b06fae0ac41a10061c913

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid
351804c7-82d6-4bbe-a942-cd057c4edc5d
age
30635
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ab3aaf914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32530
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgzMWRmMjMyZGYxMzQ2NzA1YjFiMzRkNThlMmE2M2Q1LmpwZWc.webp
s-img.mgid.com/g/11739833/492x277/0x0x1686x1124/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739833/492x277/0x0x1686x1124/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgzMWRmMjMyZGYxMzQ2NzA1YjFiMzRkNThlMmE2M2Q1LmpwZWc.webp?v=1643297547-EqTEsuasUP42ojp0GYJjz_Ub37BhWjxhlfX3eeP11-8
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751eda5cac1449dd6b059004d3e1b8e8def5c122ee7d2f57e77bec691fff31dc

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:34 GMT
x-mg-request-uuid
b3391829-ce31-438c-89b6-662d2030883a
age
193220
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ab3ab0914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5296
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvYmVmMGJmMGI5MDZlYTM5M...
s-img.mgid.com/g/11739836/492x277/-/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739836/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvYmVmMGJmMGI5MDZlYTM5MjUxYjdjYmM3MGY3ZWFkMTEuanBlZw.webp?v=1643297547-vylAPCTl8qOSt6RiihGX11GNk_FI8efbF-HFz4F2ePo
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f01b752cb87ccd902b3615e52a70d912bdeab11e7e8448a4feab97a6948b686d

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:50:37 GMT
x-mg-request-uuid
0bb368df-f7fe-4763-8fa9-faa5cd251f2b
age
199983
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ab3ab2914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19200
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvZmU2N2U1NmZhYjE4NTc2N...
s-img.mgid.com/g/11739839/492x277/-/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739839/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvZmU2N2U1NmZhYjE4NTc2NGI0NTA1MTc0ZmExNjc2YTguanBlZw.webp?v=1643297547-QN-RJYl8Tu1m4TbYv6bG-3U-QRU9yeSJm9cnTEeIhyY
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e724d102e9bdc7dfaddd395c778e2e16c041aac0be0e5694811d0ad0e376c61

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid
c77aee93-2cb4-42d7-a909-4f5e37318869
age
195578
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ab3ab5914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11548
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZWY3MjY0NzRjMmYyODJhY...
s-img.mgid.com/g/11739844/492x277/-/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739844/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZWY3MjY0NzRjMmYyODJhYmVlYWIxYzQ4ZjM5OTlmYWIuanBlZw.webp?v=1643297547-mvIp3qOJeHSUCx55kTqaIuWhzjY9znXCI9mrFdlhW30
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38dad5baf5936c66486d5bd9fdcad18bc12abe9e097beb43da851e5523f06c6c

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:46 GMT
x-mg-request-uuid
286be862-e7d9-44c4-9b94-27e223650347
age
190987
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ab9c7f90fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28782
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzUzNyx5XzQ5NC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZThhNjVlO...
s-img.mgid.com/g/11739842/328x328/-/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739842/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzUzNyx5XzQ5NC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZThhNjVlODY1OWY3MTlmYjExZjQzMzZmYWQyMmUzZGUuanBn.webp?v=1643297547-ZXqLnhgvWtCqPXC0uiQchUgBPxrJ0-1job0xsuASCSQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22bfb12584c9fb93c5bd786ec7325c0308d0bbbb5ce31f114e18c453b198c16b

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:54:02 GMT
x-mg-request-uuid
211fdb25-b2bb-47a6-b0e9-141f6c956f8d
age
12878
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ab9c8b90fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11546
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzYyMyx5XzUxNi9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNThjZGRmY...
s-img.mgid.com/g/11739861/328x328/-/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739861/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzYyMyx5XzUxNi9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNThjZGRmYmY0MGUwYzQxZmU1M2Q5Y2U2ZWNlY2ZjNTYucG5n.webp?v=1643297547-8_0roAzGEMmZJeGkyZMqlPlbOV54n8hEyzVN5wnrEEY
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c573c21debe8f7588afcb026dcbd7e593d5dde657cbefc22be675f691fcf253d

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:56:06 GMT
x-mg-request-uuid
9f54a905-d1f8-40d6-a0c3-1fdc547774ab
age
26682
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ab9c9890fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11150
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzU1Myx5XzM2Mi9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2ZiZjYwO...
s-img.mgid.com/g/11739858/328x328/-/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739858/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzU1Myx5XzM2Mi9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2ZiZjYwODUxNGFhNThmNGIxMTBiMDk2ZDc3ODM2ZGYuanBn.webp?v=1643297547-6uPSKqyWBeEk7DsPltk79JABwdFdBWRcOu9XuPWQleo
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac907e5651c5b75920569ddb3b0a8eab5056abeb2e1c98cee658dda94f709122

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:58:32 GMT
x-mg-request-uuid
234afda8-3781-42a3-8198-c2f11e1a8578
age
30766
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ab9c9b90fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10780
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2YyYmEwNmU2YWZkYjFmY...
s-img.mgid.com/g/11739860/492x277/-/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739860/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2YyYmEwNmU2YWZkYjFmYzcxNjY5OGNlMzZmYjU4YmIuanBlZw.webp?v=1643297547-eCHjKhobsWjVppVyMuR9WLrCMOWWrfxpNkwh4UpWRDw
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1921065dc2b974eeba17a2617c121528af4dcab92c688db4d249f4aeca802a

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid
deb0500b-0437-4621-b8a1-14b8b3faf863
age
117470
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ab9c9c90fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16040
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMzk4LHlfNDI3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9lMTc0N...
s-img.mgid.com/g/11739830/492x277/-/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739830/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMzk4LHlfNDI3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9lMTc0N2RhOTcyMGVkMzg5NjIyMzk3YzE3ZmNkMTNlNy5qcGc.webp?v=1643297547-6YZ69rn9IO97w1IZ4t9lUTKRU3kO82hjBDoeP55rrAE
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d00d07904d0e6271ebef873c9137ac45e0b2e6b7c3c043e161fd68dc08f326c4

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:51:53 GMT
x-mg-request-uuid
e4783f8d-592c-403f-b2be-d1bc0543878d
age
197343
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ab9c9390fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48504
server
cloudflare
all
csm.eu.criteo.net/ Frame D2AC 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=C3twvH_YWwLOacetzAtVMyHo2kIFieVZdTWxeIISAK2Afa63xUaCHa056XKjfdolWRycl4B-UH9fzjJWfHqMtOyfavs1Ki60GRqyMrB_cDQ5c_f-rTPKB79SqNLaWyWtJItJW24xI-7rrkuPw9M7eohqy0gmjuH4dOYJEe5Av_NdPMqgqKUIU2b0TfzqBfHl9WX_eGetk1ufXYRqcw8Y1YTFE0mwbZDT7UhtWwF18vNDlm7YCCeos1p8TJk76442ZZCaaRGzl7lvmCI_&sds=2&rev=80217&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7BwANEZgKd9aHAAezb13Hqc9KlQd8sVSItQ&u=%7CvIlrJXEi0R2mVSNo3oB5LYL%2BlF7b7SVzK%2Fh6vb2XKFc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPmfIi2GgNWUjW-T_dXHa91gOSE9AgDQ472Xx5osg1bvVuBqLCaZG6ahPR23ZZwQa4kXlOahwoH7kQl-HMsNbPdwcnpFgOW6lhzANeA7AZ2IhQdv4jNV9uulianhXlA9ufUIrGMFUmhttL2Lx92Slqei0URLnU4tHJny0TpRqbBwjXt9gFFIWXNrzz3wzmlnbUlGafdMZSQccNjpGheeLLVOYV3ItvNxVw995kyCE5_BWYyB339bzl7yNUzNFggBfYc-h26_PV9nq2AziPXct0kztn0nI5iEwT7kyqABffXhmmka47yiAScTK3TDVUKBroHyU1EOCaEr6lUfI1AGv7Erw93Tf938HuPu9BQ8RQWM_NgxN96FrGkzowLRZrHA2x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_xAgB7vyYZijNIet3wPv5p6gB8me0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAovt7Vmet7I-qAMBqgTXAU_QXpWCwPFo7Pxb-2yZYsXr2UPbuvz84dwAqGgK0skTl2iV8GQvoSbSD5jB6SWuZXQ-ccr-EGJGOn4dTkYwEU1THgu3cYqW3q_Od3uxCzpI_Hs77NtKq5pTWsFqJAuX0iVO9Hx89kQF-rw1oW2yi889lkZ968tgQ0tp2OFe73gJHtmV43A4PoyXSwg-Qw8gOl6NtCJQpvRxxADmGuYi6rSvVCaaa5WPwVIBxGwRrUs380EjOuYm5ORw-OY8SAYuwSt2HtioP16fQUcceXL5VN5ZhY7KrZELgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zFSiqJ0xXQlJJdN8oHBdmfYfUBQ%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:27 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
enr
dmpprof.com/ 		2 B
352 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/enr?href=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE
Requested by
Host: pbkqidejmes.ru
URL: https://pbkqidejmes.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length
2
css2
fonts.googleapis.com/ 		6 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap
Requested by
Host: 5h3oyhv838.com
URL: https://5h3oyhv838.com/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:27:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 15:32:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 15:32:28 GMT
truncated
/ 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8dc66a646d00dcaa6a2204e194a8b209b9c5bbf6251b4f93b9824c62ab51317

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
d0361e6e902ca958.jpeg
guepslka.com/.cdn/3a8241/96a3be/248682a6aaf64465a2db3b5e08f877ed/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/3a8241/96a3be/248682a6aaf64465a2db3b5e08f877ed/d0361e6e902ca958.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
e96eee614efc0ae28e4949b5caff49a2bc802d2d0ccd9c8159e1ce7e025f0f77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
last-modified
Tue, 18 Jan 2022 16:21:22 GMT
server
nginx/1.18.0
etag
"61e6e902-5987"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
22919
d0361ef9c71ecaaf.jpeg
guepslka.com/.cdn/3a8241/96a3be/ca3e4a1f8e264aa58b4f96cf44d1b52e/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/3a8241/96a3be/ca3e4a1f8e264aa58b4f96cf44d1b52e/d0361ef9c71ecaaf.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
9b10cc8dc956b57c2d04b5ef224fb116dc59ccb7152b5e026901c7e058185c39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
last-modified
Tue, 25 Jan 2022 06:45:05 GMT
server
nginx/1.18.0
etag
"61ef9c71-2fa4"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
12196
d0361de895e5fb06.jpeg
guepslka.com/.cdn/3a8241/96a3be/a5ae3e6965ab434fbc3c180fc0a5ca80/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/3a8241/96a3be/a5ae3e6965ab434fbc3c180fc0a5ca80/d0361de895e5fb06.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
d696c3e7e3bf6e3ec6aa2a40a611a00074006680687fd264bb002b62c8658f24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
last-modified
Wed, 12 Jan 2022 07:55:10 GMT
server
nginx/1.18.0
etag
"61de895e-4380"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
17280
truncated
/ 		526 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b267a4cc065aca882faaa89c18de0dbf47ed477b17aa66cb4e7b0a7ec0500de8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
d0361f29cf705f4a.jpeg
guepslka.com/.cdn/3a8241/96a3be/d19d9fafa50e4be6b30ea6b90b6a2187/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/3a8241/96a3be/d19d9fafa50e4be6b30ea6b90b6a2187/d0361f29cf705f4a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
d56b0735bad3b66b98293e8d93959d2492410370752022e53c312011b27f2f06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
last-modified
Thu, 27 Jan 2022 13:24:07 GMT
server
nginx/1.18.0
etag
"61f29cf7-4039"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
16441
d0361ef9bc8aec76.jpeg
guepslka.com/.cdn/3a8241/96a3be/4a7fdff2598d4279969c89af9ece35da/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/3a8241/96a3be/4a7fdff2598d4279969c89af9ece35da/d0361ef9bc8aec76.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
97b4571a3ed92476de8c481c11a5d88ad8935ab99c0297ec0c0dffeb4eba9b91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
last-modified
Tue, 25 Jan 2022 06:42:16 GMT
server
nginx/1.18.0
etag
"61ef9bc8-61a3"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
24995
d0b61ef9bfb6c220.jpeg
guepslka.com/.cdn/3a8241/96a3be/4594240bb9424b42b0b2828584b0ae9f/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/3a8241/96a3be/4594240bb9424b42b0b2828584b0ae9f/d0b61ef9bfb6c220.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
a81b3f5f9d509e819904278d65030ffae579dae6740e59360f472c5fed2b4f23

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
last-modified
Tue, 25 Jan 2022 06:43:07 GMT
server
nginx/1.18.0
etag
"61ef9bfb-4ea5"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
20133
truncated
/ 		525 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e461f1fc8c8c579ce2cfd14d323e118b437217a5deedd3d7e59e0a9d7e944b1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		349 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bacf5d2cdcb9e75599240481a7a703be7aacb54e21cd79eca6f911e1654b546f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc17d109139a33b161c661f209fc503ee7fcf8f7ebbbf3aaf535ed0ab2b8cc89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
mapping
dprof.site/matching/ 		17 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dprof.site/matching/mapping?uid=f6458896-c4c0-4f95-8d76-e7e30490e045
Requested by
Host: pbkqidejmes.ru
URL: https://pbkqidejmes.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
17
/
adsbid-buyout.adghndou0sdh.ru/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adsbid-buyout.adghndou0sdh.ru/?imp_id=d9c92cff-c974-4930-83b0-76aebc7ac316&ad_id=400968&ssp_id=10&platform_id=10-7221&user_id=f6458896-c4c0-4f95-8d76-e7e30490e045&price=0.08&resp_url=https%3A%2F%2Fdkrbus.com%2Fv4%2F31152%2Fnurl_confirm%3Fg%3DkWKM5nG9qG6iZyIaUcw9TgNyEZXRxSqrV2e04p2OnES80KiCeGbHMfJSF3_ZSCkkI46FnrB99YeZu-5kd0tbWcl3mtbP_sLEsFY46REsIDx-nXpa5bXH46MPfLU4sXPIEx_57rWbxdpT7MStKFSjiG7i3FGMp37owZKyxp4Ke3Jcm7SCm5wIBWoPeFcANjwEKt0rQ_y6rAOzN1uvRTExa1oZgsxHI_xB-IVtdHUtxX-zhXN7Eq9nbjsZEViZ38wgxw8RDmMi-tBdoIWAE2iuRAFoaAQqItz78HjRAJil1QfrbdiywKdoHk6iG81bxg6Heig_KlKyEBMkehG1x3cuMr4LRmVsNci_f4r1cg0S6aElLhQMnpf3wo0EuzKW5hpIrC0E5XIshfA4aNWjVsVje_t4UeD8MWoRzqf3e1NqE3lCRv9NX7ccwFfu9KDI4WUpohw7Lm0V_NnzOeNUeJ5-rSO9LBV_t6jS2UWaP9_9hB0mgcB7qwjZOpXMFFlV3rasXS6KTNLNrisA146WWoXDARuVCen6KJj0Yhnw5iPYdjYBSTKTAKnXKqiDtAEP0PL0sUaKo9QYMXxzJ_qALxLHAcoNbjs88E9SJwNQBjWkFTkKeVqKqTgX87pmTUM457Al32mNnobHJ7YXhpSnWeoU9T9dAZ_zKie6rIrO6fGnvSbAkRfSMe8ukPKqOL8D8qMkjM0fvv4o766z2PCJp6gE7FDoYzDOgxnDDbNJJcP55Q%26ap%3D%24%7BAUCTION_PRICE%7D%26ac%3D%24%7BAUCTION_CURRENCY%7D&bid_req_id=dc74836f-4e48-4534-8f09-2c645c1ea540&n_url=https%3A%2F%2F5h3oyhv838.com%2Fcpm%2Fmod%3Fdata%3D2hrMhLCHkkzg4luvF5auWM2oiBzeb8BrPu9UZ1wR4x6HUthYGNTmzWLNLW00TNBFI38iRv%252B4cyprkn5yoArULvEJ6KX04CzfQ95OB6IV0NRp3NC9sEDSdcIFn96g2xTQHKUQVxNRvgSwO16xiykt0LYZXUVHMtzX0j%252FOoj4KiaE6muUrhIunwg3NZCXkwBKcaQYuSlO3a%252BYD3m8OnP55lUKazQAZxY0tyosuDRJ9%252BMo9vpnFlq6wOhFDSB7EM3BxlTiIgDk7GdcRcNuS%252Fyiqxcgx85Xswk7qd2vtnEim69dSscK1DfzuGcbKzTEJRO6e%26cost%3D%24%7BPRICE%7D
Requested by
Host: 5h3oyhv838.com
URL: https://5h3oyhv838.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.37 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:28 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length
0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
pvClk.min.js
analytics.webgains.io/ Frame A783 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
43942
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:06 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
51794
x-amz-cf-id
fqJR6gNnuj6CVbbTpM9YhZstBcoWlMqSob3bxdh3CLsDj4ek0nsbSQ==
link.html
track.webgains.com/ Frame A783 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidQPzF4fjfwABTxH5HYtGtpMXf6S5t5E7aVoneid__webplexmedia_advancedad_Desktop_160x600&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C37798%2C43784&b=23Yh6fAqfwP3sVHWHkt8txxDaWT7TKBTg%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=4PGSEfX5CegzuGH9HdtzCmmRfZTpT1EUK%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=XipVTH5zksqpoSoyxVRvQdcA2zhh7rxf&g=b48a23b008c3d52806d4b45c8eb46796%2F7450947658082925136&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547482&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw1dddhmwwm0ngcanykp1y0j44y8qkymx8t347zj2dcabxstw48tx28hb5bq4pacs2pqg25t7bym4rst4mb2sb75hkhdyt7n5dcjzgn50v6s1ssw9meqp47rx3cg2yd5vrygnz5bcw6qwt80mhrjqnahdc0nzmnat76a8d4n3e1mbdawd5dq5pvexpwxh30r5zegbkkgpdwp543hxvksbf9t6sxt6xxv5rn11r8ct357v7r83es1znmvk9pe347dw5jfk2yrsj832tebqn0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQqTsCbvyYcTLHNmFjuwPpqWEyAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCi-3tWZ63sj6oAwGqBOcBT9DdtaIIWv0Jo02j0pWJHrxXIc57eZ5xl09zBqVR37A6q8tW_MRuMxEGxTdrcBBWv1qts532irD0vdaDf52CM33Kj9bOvLoTbKzknmuweTG17-24suM939R2i3V-NrcNAb8MpZdBSucboUcBHyAMb55ncBbdONK73D1iombjo-wj8vXzQ23XWZmSmiZjredqD6naazFfc3eMkQrZpCC_ZwUtvAlAE-bZYb9yLnMuGkRCyxd2-VfH4F5_zEoyKWm8FBGebUveHi-bPoynR0T8H1eVxQwK4qI_FjFBfIZP0FnBnAT918rxgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZO-8pJtksd_Gl98nXzIX-iJmkJw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:28 GMT
Last-Modified
Thu, 27 Jan 2022 15:32:28 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTRjNmQxZjM5Mzc0MzM4O...
s-img.mgid.com/g/11739853/492x277/-/ Frame D367 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739853/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTRjNmQxZjM5Mzc0MzM4OTcxZGNlMWMzZmNlOTMwZjgucG5n.webp?v=1643297547-6UptIPp8pl8ZW9IZyv_QreXakujCa6myGcpyhsujWq8
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aab942fa2cb8277ee4f869d38dea681d39442f06aa244354f9348dd8251a68d

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid
72243b8d-0ddf-4c34-ba8a-ed54cb09ab56
age
30766
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ac4e2b90fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12906
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzM0N2M1YTg5YTljZTNmY...
s-img.mgid.com/g/11739850/492x277/-/ Frame D367 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739850/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzM0N2M1YTg5YTljZTNmYWU0YTA1YzZiNThiMGI0NzkuanBlZw.webp?v=1643297547-R-_wtdDRajF3kbvG01aivb8xJIEtXPZFsrwJXViIGM4
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a1e30f1bc06b771318233a41c45114a00485c8ae2f744ff2cad69863d04281b

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
97fb0e3c-8255-4288-ac2e-15464027583a
age
39470
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ac4e3090fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12876
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYTFjMGQzZDNkOTkyYWEzY...
s-img.mgid.com/g/11739874/492x277/-/ Frame D367 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739874/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYTFjMGQzZDNkOTkyYWEzYjM4N2FmZmIzYjA0OWM5MWUucG5n.webp?v=1643297547-dIsExrj9mMjamW5nLv1MuyKRd3mTO6BeUo2S3UWoTeU
Requested by
Host: newsyou.info
URL: https://newsyou.info/ZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c0a9358d9648972ebf6c451d9db1f0372f343da97faefc965d0e1d07ea0418d

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid
c69a487b-2209-4ed7-9fad-cd7a0dbcb097
age
119138
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4308ac4e3590fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36458
server
cloudflare
pvClk.min.js
analytics.webgains.io/ Frame 04B2 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
43942
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:06 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
51794
x-amz-cf-id
ScUTPKnoDUgBREEEn3Eemy1qH11q_deDQVBYrrE9bgSD-9uJ4PGP2w==
link.html
track.webgains.com/ Frame 04B2 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidV44fwfAeF2dXuVHbHAtRtpg4fkTzTgGtQoneid__asuid47zv1go4PmDtfJiDYEXaiVEbZAi9u430asuid__suite_Netmix_Reach77_TOPROTA_INDEXONLY&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C19491%2C43784&b=PJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCp%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=bwqTQfYZsxgPFYHbHzt8Cww8UxTJTJPSJ%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=ZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0&g=c405e073be06ae26728e5b279d64215c%2F13096324048244678538&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1643297547487&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbr4h18aypd1c767vetpnm4pzg6hka731x765ypg8sa8r3kf4ytn5zkn96wd31xnyxmtp5v562cct1ytjh1a7sjn5ezdtq4wbf5wga3d095fsb8ba3080sk1t1t19b38sp7r77frdbhwecmj1a56npfp0rsdvn2nnjfy3vpaamn0v08npt4wwsezknxye4m0qy72v79ag5vqghbfgq2skgea4pbe2pxhpvgfhnk62fd159edk2hap0j5b3xs8y9qnhcnmy6f312023v2fpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLxAnCLvyYdiaNOSO7APg6bXQA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQJUW9L-wbmyPqgDAaoE3AFP0DcQjeFMEpaZbMMxWXjy0JkWWqQ8KG4SjkcMEtpQZSehjFWl4gN6ujInwWPDQTYQGepfMKKFylmhyG9dsRTT1bqqK2uwWz_WfMIHOAiH2dToaIhgLd19SGf9KJuwb7vnHs2b5blndkXBkS8GHSzvbkdXYP0zEVaAKljAkoWKH3f2Jvi2aX-c9IczvX2LuBXIwcech0X956P7N9azZ3Y30zgAIOXP7cmukjv0P0pVODDGyOP6BIKzbaEsXtp9S7fcluPusc3JDSArk8j0AAxB8tpS0m9H0ZrLyb8wgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3X_TlxML8By1zFGu3iWvLm8JdN5w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 15:32:28 GMT
Last-Modified
Thu, 27 Jan 2022 15:32:28 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
i.js
cm.mgid.com/ 		0
136 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1643297548202281353664
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1127375.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6d4308ac68109262-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame 186E 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=164329754822497491482
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1127375.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6d4308ac888b9262-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i.js
cm.mgid.com/ Frame D367 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1643297548270597515345
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6d4308acb9049262-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame EF05 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1643297548288823901226
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6d4308acd9719262-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cors
data.ad-score.com/data/ Frame 4C7A 		1 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RNCwshxGaoiHKSgPaMfsXOCsYoMAZmxT-FE7fPshldVrrKDwY3nLIGkLGNA==-E0zFP89kalvmMg==&pm_ct=eefdcd39b2f2602992c865f7&pm_pl=1643297546623&pm_td=1747&pid=1000787&en=1.1&callback=__pm_glbl_FC849qYWgypsJ5f9FSrJCJSU._gc6&v=1f9f249
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://newsyou.info
Date
Thu, 27 Jan 2022 15:32:28 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
mapping
dprof.site/matching/ 		17 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dprof.site/matching/mapping?uid=f6458896-c4c0-4f95-8d76-e7e30490e045
Requested by
Host: pbkqidejmes.ru
URL: https://pbkqidejmes.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:28 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
17
tracking-event
api.webgains.io/ Frame A783 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jan 2022 15:32:29 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 15:32:29 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 04B2 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jan 2022 15:32:29 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 15:32:29 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220125&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e8ae291c9c65abe55cb5eea61e1752c50d4851c61e5bd35945979636b5eb3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 15:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8929
x-xss-protection
0
jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v16/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0aExdGM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|PT+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:38:00 GMT
x-content-type-options
nosniff
age
71669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28444
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 19:38:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 15:32:29 GMT
usync.html
eus.rubiconproject.com/ Frame 6FCE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e0d259f7-d705-511b-a212-861bc3e03d12&CACHEBUSTER=713126
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 27 Jan 2022 15:32:29 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
date
Thu, 27 Jan 2022 15:32:29 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4FA0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 15:27:55 GMT
expires
Fri, 27 Jan 2023 15:27:55 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
274
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A153 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f2ae8d6c068a93af1f13d8da22038ade92fdb6c927038bcdecc430406715aa93
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mOeklrdWFS393uSkBBB6xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 27 Jan 2022 15:32:29 GMT
date
Thu, 27 Jan 2022 15:32:29 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-mOeklrdWFS393uSkBBB6xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame A153 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220125&jk=3811902208470004&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 4FA0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 15:21:58 GMT
usync.js
eus.rubiconproject.com/ Frame 6FCE 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
28bd829d5e8e92cb4a32fba29a6ee73953a7fb84ad79e49960a4d99ea220ac37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:29 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 23:04:16 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=63835
content-type
text/html; charset=UTF-8
content-length
9704
expires
Fri, 28 Jan 2022 09:16:24 GMT
khaos.jpg
token.rubiconproject.com/ Frame 6FCE 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
generate_204
tpc.googlesyndication.com/ Frame 4FA0 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Bpf5ew
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:32:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6FCE 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.90 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
deb9f124eecce7a554c70ca983265c95
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220125&jk=3811902208470004&bg=!n5ylnNjNAAY6OBv_Ojg7ACkAdvg8WunRGC4vt0fKXcmv0pdU8NxOcFRWf8CLlem46FAkzXFr9YMTywIAAACHUgAAAAJoAQeZAqy9h0Ow883A_2ngeoGobY4fxyNjZO6_Yb2jpoqiRYDxcO1FYXEoG3Q0N_bT-dEkaI-ynMd3XvUUBmBP1SHL0EqhaMqK6RXzyOYTWd6Qh1SwH1hZFg9ftLnQgdFpfkl-BtjueL8W7LeCdIOivCCdnWxBfyD0hEWG3HPLhZzhWL7ZOIKdwVwz4iaRSshtnkOnFohYnCGKs4LkE4eNCcO-EQObs0kI4sMeAEe5M9vp8eLxYWPLH07fFvJa8nwcM9yCDitoqgkwAAraPL_R_zWWdoEVhqKxRY7jebRvErvxaMCWoR2mmVeCo4ni-MpwK4SIyIC6pXQqWnT1lBN8I44qlUj6bkvGkAIEY5KaOI-8qlxA-bROFMfIKj_4OEEVkXgkQrtZIA2amvrrFJwM2UyrKWKQdAZxQsBKqwnYzv_JCa-EXFyiBTAjGblYLyDqrHnVcYdZYltstXJoKGE3H-bOT65a44mDg2qHf6j2E9l6NM1Fa8ZjM40arurgoV-3gQ9_4K_x7YQQd1R4j0ZK4WJSqB_XWGxcOTFNQboO59s6n6B9IwORGDoA3bW9RxSWPXh1yZj_db2KbSmJuKSnjbNyoNDFWZ_G_Lt0TxmY1b2SkJK1As0tjCVaPTNf-2RVsqbesOG62fnEDzP8bmK-sPBecBFy1sEz507Jgpw6MQFiNLVgfve5EONIKPvkAF0GRbIzq82EcHk7ltF5wN60o0rGm5wzzFF2lJjgxAqUGJGqxaOkWN2cCMPji-scQtYm5Q7bYUnJia7NUemO-YY0TFLs-HzwVs1moFrxKVQ7TwneoXNgJAqA0mqnmxa_8sptN090UxnpQIT1XKbCpCctNpVkyaJvRt1ltit2JLxxq72Ml_oRKl6Otww6H3_KtVUg-5drN1PTxZ78zW_8kuB0zHo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
713126
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 0D68 		43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/713126
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.15/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=2678400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:29 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.15/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
match
ad.360yield.com/ul_cb/ Frame 0D68
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=e0d259f7-d705-511b-a212-861bc3e03d12&expires=60
  • https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d
Protocol
H2
Server
52.211.218.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-218-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:30 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=9c4433cc-c82f-4416-9bab-dec64166040d
date
Thu, 27 Jan 2022 15:32:30 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/usync/ Frame A94D 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e0d259f7-d705-511b-a212-861bc3e03d12&CACHEBUSTER=713126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
e0d259f7-d705-511b-a212-861bc3e03d12
an.yandex.ru/mapuid/betweendigitalis/ Frame 0D68
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fe0d259f7-d705-511b-a212-861bc3e03d12
  • https://an.yandex.ru/mapuid/betweendigitalis/e0d259f7-d705-511b-a212-861bc3e03d12
  • https://an.yandex.ru/mapuid/betweendigitalis/e0d259f7-d705-511b-a212-861bc3e03d12?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/e0d259f7-d705-511b-a212-861bc3e03d12?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:30 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 15:32:30 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 27 Jan 2022 15:32:30 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:30 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 15:32:30 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/betweendigitalis/e0d259f7-d705-511b-a212-861bc3e03d12?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 27 Jan 2022 15:32:30 GMT
sync
t.adx.opera.com/ Frame 0D68 		0
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60079&uid=e0d259f7-d705-511b-a212-861bc3e03d12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 15:32:30 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
tt
a4p.adpartner.pro/ Frame 64D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=8506b69c-4014-45e4-a5be-f76d0f847627&session_pageview=2&session_id=4657d113-2743-42ad-b3ef-f074b7c59a4f&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO&referer=undefined&
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7460&ref=&0.3248512539478996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 27 Jan 2022 15:32:33 GMT
cache-control
no-store no-transform
all
csm.eu.criteo.net/ Frame 34D5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=2VFZqn_YWwLOacetTeKiU6jXClXWYaPWnfrFdt6G92lPUnUvnjsXu8cZGk-8HTaX23BS750Zcp3xzgDUEeA9hcLbHCR6BYD3p3MeLcGlognWqHXioUQ292EL73lfHka2pSxOQTRO_wD5G6aHv6gH1bEsuedc2wRzjlFiZrFQWBBnzeMFFPPYY5E0DXI7xZ_JTrBtCFEewbbG-BcYeQYRN93teb_B5gk-9tp1NW5K7cnRD0bi6VSZbLeDRhiy_PtTN0UL9TPOPZNunN73&sds=2&rev=80217&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfK7CQAD1YcKd_KQAAnvPV7_r2dVeswbXkP7NQ&u=%7CGeTwI1zc0r4FUxieqcwf1OZfOoNzaYrDhX1wQ4RDoLQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weT9XQUsYP5V37def3eEpsPcARMTMU9nGlfqguyh_YUpQ4AFJTigFxjYyYm-uvawZkLJx5yuuWV_RTC81H3DIUv2pQRiuViBpRVY6tcGvx-IQNWZPxsbjluTKmRxnJ6Xc8gkSC8eTIeqCnm0-gw24aMNwk2OVU-6CoEvuhIkKMF-MMTwj9XdtfkN8nKUtArdKhbuzu7poiDLWfnmGXUbatoV2GD4niLnmcL4gix0XUzCes7GoJVUh3QBaT2ye8Kk-Xw-xTcs709_pOwas3gVwOQGq2-9DxUiN8cg3sJdTEf3PZzlyDNBZqpUyOXxBosvL9zxfAOsQNMRX1NO3rD814g70xdbTt2m0FiVZ-gi6DP1g2jBjpS-T7okrQdhauJa9OpdYlqKd2elLT6uVitnrHr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAsKzCbvyYYerD5Dl3wO93qeADsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAkRjHCsFxbI-qAMBqgTnAU_QHPDfjKwVLE3vI_z-ljCcEF62ob5-Lntr-tsMMqjeJJ7lQvuQFX7ztiG_XB7coU2ZE4XXm-C81uwgh_fll4oc9wLGrWWFaUwNCxvS4SbW_ucHArSywzJS-K1Sf047hAt7AjMDC6ChcNpgJLgkt3KEf03CR9T8NhEqvRA6Dpg2jnv9-kpi1y6K4b4SBY30S20lryNLmiFd6hJ6mxPEtLCfxCXOwa_53_-B4OoPq_drPZca3ObpvkeKDSJ8xUFBVcVyWsNwTpcD7HMGLJC5XhKC12l7B_MYNJIzr6TamBzSMxqRLKOpwoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13HL5o5tw3vLmAJZb4BcfV3xNPLw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 15:32:33 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya

Verdicts & Comments Add Verdict or Comment

396 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 function| _m1651010788 function| $ function| jQuery string| ajaxUrlFlatPM boolean| duplicateFlatPM boolean| senseFlatPM object| adsbygoogle object| head object| script object| mtzBlocks object| node5876 object| gnezdoAsyncCallbacks object| node7880 object| node7884 object| jQuery111109794051774708861 object| node6822 string| iS object| iD object| iP string| iR string| iT string| iH number| iI string| GoogleAnalyticsObject function| ga function| ym function| flatPM_arcticmodalLoad boolean| debugMode boolean| duplicateMode boolean| senseMode boolean| countMode function| flatPM_sticky function| flatPM_addDays function| flatPM_adbDetect function| flatPM_setCookie function| flatPM_getCookie function| flatPM_testCookie function| flatPM_grep function| flatPM_random undefined| flat_body object| flat_count boolean| flat_counter number| flat_iframe string| flat_sep object| flat_pm_then object| flat_date string| flat_titles number| flat_dateYear string| flat_dateMonth number| flat_dateDay number| flat_dateHours number| flat_dateMinutes boolean| flat_adbDetect object| flat_userVars function| flatPM_ajax function| flatPM_then function| flatPM_persentWrapper function| flatPM_setWrap function| flatPM_next function| flatPM_start function| flatPM_setHTML object| flat_pm_arr function| jQueryLoaded function| jQueryLoading function| randomInteger string| RESOURCE_O1B2L3 object| _0x54e7 function| _0x3ea5 boolean| scriptaddedobl82749 number| __o1b2l3_updateStatsEvents number| utarget_rand number| utarget_cookie object| utarget_script object| l_m2312323304 object| Sk object| name75now object| google_js_reporting_queue number| google_srt object| googletag object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| FB object| loadedBanners string| scr object| div object| x number| len undefined| newScript function| getApuID object| APC object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID object| shownAds7460 object| initRtb1643297543174424053 object| result string| key string| apuid boolean| initVisitTime object| logVisitTime object| sessionData number| bannerNum object| adexOpt object| onMainScriptLoad object| loadAdpartnerVUnit number| loadingMedia object| adPartnerMediaAd object| place function| addJqueryqatkt function| take_ban_teaserqatkt function| getUrlVarsqatkt function| addJqueryhzrnQ function| take_ban_teaserhzrnQ function| getUrlVarshzrnQ object| shownAds2489 object| initRtb1643297543206800085 function| addJqueryTyQRy function| take_ban_teaserTyQRy function| getUrlVarsTyQRy object| shownAds7760 object| initRtb1643297543213313552 function| take_ban_teaserehYNG function| getUrlVarsehYNG function| smiHTML13267 function| smiCSS13267 object| smiq function| smiHTML13245 function| smiCSS13245 object| shownAds7858 object| initRtb1643297543234041153 function| smiHTML13248 function| smiCSS13248 boolean| laScriptLoaded object| shownAds5687 object| initRtb1643297543233919429 object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| mtzCheck number| intervalIDqatkt number| intervalIDhzrnQ number| intervalIDTyQRy number| intervalIDehYNG object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| dmpProfitclicks function| loadjscssfile function| createWidgetHelpButton object| TelegramButtonOptions object| Widget object| gnezdo function| _typeof function| _createClass function| _classCallCheck object| web_script number| is_clck function| web_callback string| website function| are_cookies_enabled function| inIframe function| compareElementsWithParentsToSelectors function| compareElementsWithChildrenToSelectors function| compareElementsToSelectors function| Browser object| browser function| run function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| _mgIntExchangeNews object| MarketGidInfC1122348 function| MarketGidCContextBlock1122348 function| MarketGidCMainBlock1122348 function| MarketGidCInternalExchangeBlock1122348 function| MarketGidCRejectBlock1122348 function| MarketGidCCriteoBlock1122348 function| MarketGidCInternalExchangeLoggerBlock1122348 function| MarketGidCObserverBlock1122348 function| MarketGidCSendDimensionsBlock1122348 function| MarketGidCRtbBlock1122348 function| MarketGidCContentPreviewBlock1122348 function| MarketGidCResponsiveBlock1122348 boolean| mg_loaded_413933_1122348 object| MarketGidInfC1127375 function| MarketGidCContextBlock1127375 function| MarketGidCMainBlock1127375 function| MarketGidCInternalExchangeBlock1127375 function| MarketGidCRejectBlock1127375 function| MarketGidCCriteoBlock1127375 function| MarketGidCInternalExchangeLoggerBlock1127375 function| MarketGidCObserverBlock1127375 function| MarketGidCSendDimensionsBlock1127375 function| MarketGidCRtbBlock1127375 function| MarketGidCDiscountBlock1127375 function| MarketGidCContentPreviewBlock1127375 function| MarketGidCsd36291-circleRotatorBlock1127375 function| MarketGidCui275-animated-logoBlock1127375 boolean| mg_loaded_413933_1127375 object| MarketGidInfC1146775 function| MarketGidCContextBlock1146775 function| MarketGidCMainBlock1146775 function| MarketGidCInternalExchangeBlock1146775 function| MarketGidCRejectBlock1146775 function| MarketGidCCriteoBlock1146775 function| MarketGidCInternalExchangeLoggerBlock1146775 function| MarketGidCObserverBlock1146775 function| MarketGidCSendDimensionsBlock1146775 function| MarketGidCRtbBlock1146775 function| MarketGidCContentPreviewBlock1146775 function| MarketGidCResponsiveBlock1146775 boolean| mg_loaded_413933_1146775 object| MarketGidInfC1024868 function| MarketGidCContextBlock1024868 function| MarketGidCMainBlock1024868 function| MarketGidCInternalExchangeBlock1024868 function| MarketGidCRejectBlock1024868 function| MarketGidCCriteoBlock1024868 function| MarketGidCInternalExchangeLoggerBlock1024868 function| MarketGidCObserverBlock1024868 function| MarketGidCSendDimensionsBlock1024868 function| MarketGidCRtbBlock1024868 function| MarketGidCContentPreviewBlock1024868 function| MarketGidCResponsiveBlock1024868 boolean| mg_loaded_413933_1024868 object| Ya object| yaCounter44453875 object| informer string| ban_teaser function| adpartnerMedia function| adpartnerVUnit function| WidgetTelegramButton string| cookie_expires object| options object| system object| _parent object| banner_clases boolean| edge boolean| linux boolean| new_opera boolean| ua_ios_opera boolean| ua_ios_opera_mini object| main object| onMainScriptLoad5555 object| google_image_requests object| google_llp object| block string| text object| banner7459_18598623110562372 object| banner5555 string| prev_link string| teaser object| banner7460_1643297543174424053 object| banner1643297543174424053 object| banner6566_1643297543233919429 object| banner1643297543233919429 object| banner7880_1643297543213313552 object| banner1643297543213313552 object| banner2489_1643297543206800085 object| banner1643297543206800085 object| banner7883_1643297543234041153 object| banner1643297543234041153 number| cur_time boolean| wait_start number| _997726831838 object| _997726831831 object| cd string| dt number| _997726831832 string| user_agent boolean| mac boolean| windows boolean| ua_chrome boolean| ua_ya boolean| firefox boolean| ua_opera boolean| ie_11_edge boolean| opera_dev undefined| ie_8 boolean| ie_9 boolean| ios number| cou object| b0 object| b1 object| b2 boolean| class_selector boolean| match object| items number| count number| item_w number| item_h boolean| flag object| pos object| h_body object| h_doc object| new_post function| removeGooglePlaced object| onClickExcludes function| mgReject1122348 function| mgLoadAds1122348_0fd90 function| MarketGidCReject1122348 function| MarketGidLoadGoods1122348_0fd90 function| mgReject1127375 function| mgLoadAds1127375_05117 function| MarketGidCReject1127375 function| MarketGidLoadGoods1127375_05117 function| mgReject1145709 function| mgLoadAds1145709_05117 function| MarketGidCReject1145709 function| MarketGidLoadGoods1145709_05117 function| mgReject1146775 function| mgLoadAds1146775_096a0 function| MarketGidCReject1146775 function| MarketGidLoadGoods1146775_096a0 object| _mgq function| _mgqp number| _mgqt number| _mgqi function| mgReject1024868 function| mgLoadAds1024868_04cb2 function| MarketGidCReject1024868 function| MarketGidLoadGoods1024868_04cb2 boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint413933 string| _mgPvid boolean| _mgPageView413933 function| LoadCriteoAllPlaces1145709_05117 function| LoadCriteoAllPlaces1122348_0fd90 function| LoadCriteoAllPlaces1146775_096a0 function| LoadCriteoAllPlaces1024868_04cb2 boolean| i.js.loaded boolean| i-noref.js.loaded object| GoogleGcLKhOms

129 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: b3f53ecb83dc4922a76105b3ef6cd724
newsyou.info/ Name: b
Value: b
.codesbro.com/ Name: uuid
Value: b13ad3b8-8335-4d99-976a-f4ba875d1d89
newsyou.info/ Name: vcO1B2L3-1
Value: %7B%220%22%3A1%2C%22*%22%3A1%7D
.mgid.com/ Name: __cf_bm
Value: 0qku29RcM_mCIfW08AmwLIcyg3ywIr1.zwy2uGsPLj4-1643297543-0-AbNRAZfwlVu2Tzl6Qdoo6IYASopuWrjetpok6mD/gLnTPyAJuNVEZ4xC3hawVMu6ZUcR7/AINQlVvB3idnahHkg=
leokross.com/ Name: current_server_session_id
Value: fe28e3ba4aaec4388888fc20aa9b9f25f5a66dbdvvv888704397
leokross.com/ Name: visit
Value: 1
.utarget.ru/ Name: uuid
Value: "/TSsGd2jTF/+AbFRzCmI8rb7RrkKub0M3l+yoh18Doc="
newsyou.info/ Name: lapuid
Value: 8506b69c-4014-45e4-a5be-f76d0f847627
newsyou.info/ Name: session_id
Value: 4657d113-2743-42ad-b3ef-f074b7c59a4f
newsyou.info/ Name: session_pageview
Value: 1643297543.1
newsyou.info/ Name: site_visited
Value: 1643383943.1
.newsyou.info/ Name: surfer_uuid
Value: 57ad2f86-963d-400e-bf28-a829f11811ea
.newsyou.info/ Name: la_page_depth
Value: %7B%22last%22%3A%22https%3A%2F%2Fnewsyou.info%2FZEVAYUSHHIJ-KOT-STAL-NOVOJ-ZVEZDOJ-SETI-VIDEO%22%2C%22depth%22%3A1%7D
.newsyou.info/ Name: page_load_uuid
Value: 80ce4c3a-46d5-46ee-8017-5809b61d414f
.newsyou.info/ Name: _ga
Value: GA1.2.274054083.1643297544
.newsyou.info/ Name: _gid
Value: GA1.2.1146684044.1643297544
.newsyou.info/ Name: _gat
Value: 1
a4p.adpartner.pro/ Name: newsyou.info_ref
Value:
.yadro.ru/ Name: VID
Value: 2DbEhU2gWd8F1XyhiK001ViT
newsyou.info/ Name: cbtYmTName
Value: JF8GTUAGHgZGHUBHFEUVFBcSHR0QEEZGBlni
prodmp.ru/ Name: rai
Value: 741531ace30434c00d03b312db701f7c
.newsyou.info/ Name: _ym_uid
Value: 1643297544208227818
.newsyou.info/ Name: _ym_d
Value: 1643297544
loadercdn.net/ Name: vui
Value: 42908699281d431e9193deb661d5b970
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 4138666367fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1404235067fake
a4p.adpartner.pro/ Name: apuid
Value: 8506b69c-4014-45e4-a5be-f76d0f847627
a4p.adpartner.pro/ Name: apudmg
Value: 1
m.mixadvert.com/ Name: 5ea98664f21d3969ed551e3dd67920a0
Value: 441677%2C440546
m.mixadvert.com/ Name: 07617e07a23964e55cef2a7c653c69d5
Value: 1
.newsyou.info/ Name: u_count
Value: %5B0%2C0%5D
.newsyou.info/ Name: __gads
Value: ID=67fa2b61606cdd89-22cd55fb2dcd00a0:T=1643297543:RT=1643297543:S=ALNI_MZ_LKaDtexhfJD5VknpkTJFWS9c-g
.doubleclick.net/ Name: IDE
Value: AHWqTUnkh117nTWiGsAg98-D-qI3dRnlDOtwyLaPzPSG33L7XKHZ3UdYuCirI5I33_k
.newsyou.info/ Name: _ym_isad
Value: 2
.gnezdo.ru/ Name: weborama_cm
Value: 1
.gnezdo.ru/ Name: uid
Value: uZQlT2HyuwhA8ysymCEEAg==
.yandex.com/ Name: yandexuid
Value: 5908569701643297544
.yandex.com/ Name: yuidss
Value: 5908569701643297544
mc.yandex.com/ Name: yabs-sid
Value: 260101231643297544
.yandex.com/ Name: i
Value: kd+zvhIWLri7ToSF8ydXmAU6J+RLw0lRh1/IwfMciB6Y7Xb0lqmQoRgH08B7S75lHpvEfiYz9hylNHJ/MSWHyb3jMAQ=
.yandex.com/ Name: ymex
Value: 1674833544.yrts.1643297544#1674833544.yrtsi.1643297544
.uuidksinc.net/ Name: jcsuuid
Value: 1z6ABIIBJV7zAEHTlhRT
m.mixadvert.com/ Name: d54b2b911325fe63c5dbb7b344626a9a
Value: 440546%2C441677%2C440544
m.mixadvert.com/ Name: d1e668d3da9b9018eb90c9701e492d18
Value: 1
.eskimi.com/ Name: __eConsent
Value: 1
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWHyuwkVPQi8+aQXAvZhURfEl1hJTHWTHtrx9/nA4nnX
.adhigh.net/ Name: gi_u
Value: eQNw1Kvbgk8.AikABlF-nCqbTQ
.newsyou.info/ Name: chash
Value: bWU8CEQzVw
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: e0d259f7-d705-511b-a212-861bc3e03d12
.acint.net/ Name: cSyncDp14v3
Value: 1643297545
a4p.adpartner.pro/ Name: buyeruid_64
Value: a23b8b70-09ac-4700-77fd-b2aa76fcfc6b
a4p.adpartner.pro/ Name: buyeruid_63
Value: 9f98065b-f45c-459e-7830-bf23e91a40b1
a4p.adpartner.pro/ Name: buyeruid_47
Value: e0d259f7-d705-511b-a212-861bc3e03d12
a4p.adpartner.pro/ Name: buyeruid_57
Value: e0d259f7-d705-511b-a212-861bc3e03d12
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWHyuwlwcwAlGk9CAhiKnG/srvAbpcnDX6so7KqL3qAF
.adrta.com/ Name: __aavi
Value: 14720117110642207430
.adrta.com/ Name: __aavt
Value: 1643297545790
.adrta.com/ Name: __aasi
Value: 4491133257881073890
.adrta.com/ Name: __aast
Value: 1643297545790
m.mixadvert.com/ Name: 4c3093eb5a5bf6cc702a0efdb4cb4aa1
Value: 440546%2C440544%2C441677
m.mixadvert.com/ Name: 9d347e03ba325eb024880144aeee88ba
Value: 1
.aidata.io/ Name: __upin
Value: KW7YzCNHRK0ZCV+Z9mlSGw
.aidata.io/ Name: __upints
Value: 1643297545
.adhigh.net/ Name: btw_sync
Value: j8B
m.mixadvert.com/ Name: 6c6ea04eb473f74283e76c9fa5a1e73e
Value: 440544%2C441677%2C440546
m.mixadvert.com/ Name: 3e3119795269002cdd691c77b509ad25
Value: 1
t.adcell.com/ Name: ADCELLvpid8807
Value: 237769-77305-brdkxzaahxktakmswxhuaaapanmwnmn%23%23%23%23https%3A%2F%2Fad.bsmartad.net%2F%40%40%40%401643297546
m.mixadvert.com/ Name: 49c4a7954bad8b2bda64bc9b9eba902e
Value: 441677%2C440546%2C440544
m.mixadvert.com/ Name: 2b94923edf8d13f817ec7f0450b5bbb2
Value: 1
js.ad-score.com/ Name: token
Value: KIYbNSYzZvWzQ-slb9-GgntUbCPIPMwn
.quantserve.com/ Name: d
Value: EBsBCQGmJYEA
.quantserve.com/ Name: mc
Value: 61f2bb0a-3f419-958c9-6ce08
.agkn.com/ Name: ab
Value: 0001%3A%2BQY3Dmj%2BKJLimAGdDf0NKzzE2%2B2hnqcA
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.rlcdn.com/ Name: rlas3
Value: dwGwILU/edTQumLs6JagcrAL4ntclO6ebRKRQAuT8bU=
.agkn.com/ Name: u
Value: C|0CEAphXeKKYV3igAAAAABAQ13AQEAAQpAAAAAAA
.casalemedia.com/ Name: CMPS
Value: 3235
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 88A31858-F951-4B1B-B886-37842B2DC436
m.mixadvert.com/ Name: 558392ad596ddfe98afdcc838970478a
Value: 440546%2C441677%2C440544
m.mixadvert.com/ Name: 2933fbf8fe4b651058027dfaa2aa4531
Value: 1
.casalemedia.com/ Name: CMID
Value: YfK7CmJfjm1WX0znMJhwQAAA
.rlcdn.com/ Name: pxrc
Value: CIr2yo8GEgUI6AcQABIGCOndKhAA
.casalemedia.com/ Name: CMPRO
Value: 1133
.casalemedia.com/ Name: CMST
Value: YfK7CmHyuwoA
newsyou.info/ Name: pmtimesig
Value: [[1643297546634,0]]
.doubleclick.net/ Name: DSID
Value: NO_DATA
.lijit.com/ Name: ljt_reader
Value: bfba14a6e18c61d8fc7f5729
.bidswitch.net/ Name: tuuid
Value: 9c4433cc-c82f-4416-9bab-dec64166040d
.bidswitch.net/ Name: c
Value: 1643297546
.adriver.ru/ Name: cid
Value: AEqSh_g8Ap-E6CconqswqzA
.adsniper.ru/ Name: uuid3
Value: IiQ1NGY3OGQ1YS03Zjg2LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.tns-counter.ru/ Name: guid
Value: 240B680461F2BB0BX1643297547
data.ad-score.com/ Name: token
Value: nWqvimNQnoJmX-lhxt-gTLrCWQVTLbsv
.mathtag.com/ Name: uuid
Value: 922f61f2-bb0a-4200-bb27-77e84cf59b91
.innovid.com/ Name: uuid
Value: 138d5a2e-0b24-45fb-a603-fe65ab96abc4-20220127 10:32:27
.bidswitch.net/ Name: tuuid_lu
Value: 1643297547
.bumlam.com/ Name: suuid3
Value: IiQ1NGY3OGQ1YS03Zjg2LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
dmpprof.com/ Name: uid
Value: f6458896-c4c0-4f95-8d76-e7e30490e045
.mgid.com/ Name: muidn
Value: m0rrPmPo2Yw7
.medialead.de/ Name: trscj
Value: MTY0MzI5NzU0N3xMM1J5WTJzdlpYQjJMekpoWldRek9UZzFOV0kxWmpRMllqZGtPVEJtT1RVNU9EWTNZbVUyTUdZNFAzUTlhSFJzY0NaemRXSnBaRDF2Ym1WcFpGSkJNbWhuWmxGbVJEUndWR3RJZDBnemRGRjBTbWRFVXpsVGVsUnhlRlJIT1hodmJtVnBaRjlmWVhOMWFXUllhWEJXVkVnMWVtdHpjWEJ2VTI5NWVGWlNkbEZrWTBFeWVtaG9OM0o0Wm1GemRXbGtYMTl6ZFdsMFpWOU9aWFJ0YVhoZlVtVmhZMmd3T1Y5UVVrbFdRVlJMVWtWRVNWUW1aMlJ3Y2w5amIyNXpaVzUwUFNablpIQnlQVEFtWjJSd2NsOXdaRDB3fFRrOU9SUT09
servicer.mgid.com/ Name: __mglb
Value: ed02bb11b748a9279413c1eb8e47c448
.admixer.net/ Name: am-uid
Value: b3f53ecb83dc4922a76105b3ef6cd724
.blau.de/ Name: nscQ486
Value: V
.o2online.de/ Name: nscQ485
Value: V
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY0MzI5NzU0OHZsZWExZGUyMDIyMDEyNzE2MzIyNzYyODI0MDQzNDc1WDExNzY2M1YxMjI1MTMxMTA2TVNvbmVpZFI1WGZnZjZRRnhreEZrSHdIM3RRdGRkQUZ3VHpUN2dzN29uZWlkX19hc3VpZFhpcFZUSDV6a3NxcG9Tb3l4VlJ2UWRjQTJ6aGg3cnhmYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzY2Mw
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022012716322762824043475X117663V1225131106MSoneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuidXipVTH5zksqpoSoyxVRvQdcA2zhh7rxfasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY0MzI5NzU0OHZsZWExZGUyMDIyMDEyNzE2MzIyNzYyODI0MDQzNDc3WDExNzY3OVYxMjI2MTMyNzAyTVNvbmVpZFBKNEhCZkViYUp3NEM5SGpIYnRNdFBQeHVaVDlUa0dDcG9uZWlkX19hc3VpZFpaeGtET2NzS0xTb3JZREQ5bkppcWtHTllvek01bGowYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzY3OQ
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022012716322762824043477X117679V1226132702MSoneidPJ4HBfEbaJw4C9HjHbtMtPPxuZT9TkGCponeid__asuidZZxkDOcsKLSorYDD9nJiqkGNYozM5lj0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679
dmpprof.com/ Name: enrich_data_v2_5
Value: 1643297548
pb.media01.eu/ Name: ASP.NET_SessionId
Value: 1ck0nfccqhxkpcxb1tq3hghj
pb.media01.eu/ Name: DTU
Value: 5CDF61221709C634CE29541FC2551EE4
newsyou.info/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22QxsC-b9TJ%22%7D%2C%22C1122348%22%3A%7B%22page%22%3A1%2C%22time%22%3A1643297548199%7D%2C%22C1127375%22%3A%7B%22page%22%3A1%2C%22time%22%3A1643297547999%7D%2C%22C1146775%22%3A%7B%22page%22%3A1%2C%22time%22%3A1643297548006%7D%2C%22C1024868%22%3A%7B%22page%22%3A1%2C%22time%22%3A1643297548019%7D%7D
dprof.site/ Name: uid
Value: f6458896-c4c0-4f95-8d76-e7e30490e045
a4p.adpartner.pro/ Name: buyeruid_55
Value: 0100007F09BBF261BC083D150217A4F9
a4p.adpartner.pro/ Name: buyeruid_53
Value: 0100007F09BBF261BC083D150217A4F9
.server.cpmstar.com/ Name: USER_ID
Value: %b9%7c%192%5e%92%14(%be*%f8%17%5d%7f%fd
.sniperlog.ru/ Name: guid
Value: A4C8CEE33D09B050
.360yield.com/ Name: tuuid
Value: b30dfaf5-6aec-45f0-8718-33e64f41b513
.360yield.com/ Name: tuuid_lu
Value: 1643297550
.360yield.com/ Name: um
Value: !191,Y5P5KrGIkwWsWsDuj3RDzlqYHQU3Bfp366dAEN1EkxpWBfe9b.-axGwhvwz.WgBC3uM=,1651073550
.360yield.com/ Name: umeh
Value: !191,0,1705505550,-1
.betweendigital.com/ Name: ut
Value: YfK7DgAC9dA2Q9dOu7V88ulZQ4dhMJn2nobeRQ==
.yandex.ru/ Name: yuidss
Value: 1623051641643297550
.yandex.ru/ Name: yandexuid
Value: 1623051641643297550
.adx.opera.com/ Name: UID
Value: 2c293d829d114f78a85509f2ebd83111

3 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9531.LBEMfywGdUoe32zNTvn_5hR4UqDZfsXXAVB9vBaR2FxeaGnp8H0DlsSfhXgRZsdSfb3DHLMxQSM1Ve7EINn-bw%2C%2C.s1vEAsB0vc7dmZqm7V9BR7aR1Rg%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_push=AYg5qPIZ7J9V5WjCPutyRKaI0Tv5Btf17EuX26oeNBQFfeAYbPAqWIucg-MQH6UgB3slo0WMbNvkevbntEpygK-jzE0XVlWRqQo&google_gid=CAESEGMGO1lj6xSajL84hFb24aY&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfK7CmJfjm1WX0znMJhwQAAABG0AAAIB&google_gid=CAESEHnCtOj1yTOMZ50thfBMneo&google_cver=1&google_push=AYg5qPKp2k0VDUN9RTna4SWeUswxObugNfaQ90Gj5-dRi0QhZ2mNTXLsH4o3YJJJW393TRj0SiV9m_dwbJSVMkwwmUlFXcQeVdya
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5h3oyhv838.com
a4p.adpartner.pro
acint.net
ad.360yield.com
ad.adriver.ru
ad.bsmartad.net
ad4m.at
adrta.com
ads.betweendigital.com
ads.eu.criteo.com
adsbid-buyout.adghndou0sdh.ru
adservice.google.com
adservice.google.de
ag.innovid.com
an.yandex.ru
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
c.mgid.com
cache.betweendigital.com
cat.fr.eu.criteo.com
cat.nl.eu.criteo.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
codesbro.com
connect.facebook.net
counter.yadro.ru
csm.eu.criteo.net
d.agkn.com
data.24smi.net
data.ad-score.com
dm.hybrid.ai
dmpprof.com
dprof.site
dsp-trk.eskimi.com
eu-node2.solutionslabkit.com
eus.rubiconproject.com
exchange.buzzoola.com
fcgi4.gnezdo.ru
fcgi5.gnezdo.ru
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
guepslka.com
i.i.ua
i.mixadvert.com
id.rlcdn.com
image6.pubmatic.com
img-light.com
img.servestatic.net
inv-nets.admixer.net
ipv6.adrta.com
js.ad-score.com
jsc.mgid.com
jsn.24smi.net
kor.ill.in.ua
lbs-eu1.ads.betweendigital.com
leokross.com
loadercdn.net
m.mixadvert.com
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mixadvert.com
news.2xclick.ru
news.gnezdo.ru
newsyou.info
odr.mookie1.com
onetag-sys.com
openfpcdn.io
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pb.media01.eu
pbkqidejmes.ru
pix.adrta.com
pix.eu.criteo.net
pixel-eu.rubiconproject.com
pixel.everesttech.net
pixel.rubiconproject.com
pixel.yabidos.com
platform.twitter.com
pre.glotgrx.com
prod-rtb.ad4mat.net
prodmp.ru
pv.medialead.de
pwkvdk.com
px.adhigh.net
pxksnymto.ru
q.adrta.com
r.i.ua
recreativ.ru
rtb.nl.eu.criteo.com
rtb.openx.net
rtbnote.bsmartdata.com
s-img.mgid.com
s.uuidksinc.net
s.zmctrack.net
secure-assets.rubiconproject.com
server.cpmstar.com
servicer.mgid.com
ssp-rtb.sape.ru
static-de.ad4mat.net
static.criteo.net
sync.bumlam.com
sync.mathtag.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adcell.com
t.adx.opera.com
t.trafmag.com
telegram.im
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
utarget.ru
video.ridus.ru
www.acint.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.juui.de
www.lead-alliance.net
www.telefonica-partner.de
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
zn3.2xclick.ru
cm.g.doubleclick.net
104.16.201.58
104.19.132.78
104.19.135.78
104.248.199.158
108.177.14.155
109.206.161.114
116.203.103.102
130.211.115.4
136.243.84.75
142.250.185.98
145.239.108.234
145.239.193.130
147.135.189.55
148.251.156.238
151.236.71.19
159.69.74.7
178.250.0.160
178.250.0.162
178.250.2.135
178.250.2.148
18.66.122.23
18.66.248.76
18.66.97.25
185.148.37.26
185.148.37.79
185.187.81.40
185.187.81.41
185.248.101.21
185.254.189.130
185.29.132.241
185.64.190.78
188.42.191.196
188.42.29.166
193.106.95.134
193.200.65.18
193.200.65.5
193.232.148.142
193.29.200.157
195.201.243.72
198.24.170.53
2001:6d0:4001::226
204.62.13.72
213.19.162.90
217.182.200.19
217.65.2.150
217.67.179.205
23.37.42.132
2600:1901:0:76b9::
2600:1f14:b4f:4b03:410a:3d01:94d4:66d5
2600:1f14:d24:9302:97b1:15b5:5291:407b
2600:9000:2250:4e00:a:deb0:3380:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:581
2606:4700:20::681a:134
2606:4700:20::681a:71b
2606:4700:3037::ac43:c78e
2606:4700:3039::6815:c086
2606:4700::6810:125e
2606:4700::6810:79c3
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:808::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:401b:803::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::18
2a02:6b8::1:119
2a02:6b8::90
2a02:cb40:200::242
2a03:2880:f007:8:face:b00c:0:1
2a0a:51c0:0:13d:247::1
3.122.111.84
3.213.81.196
31.172.81.158
31.172.81.159
31.172.81.172
31.220.27.134
34.120.139.69
34.98.67.61
35.186.253.211
35.211.178.172
35.244.174.68
37.18.16.21
37.48.86.87
46.236.13.147
46.4.121.26
51.75.86.98
52.210.63.97
52.211.218.251
54.145.145.202
54.38.197.123
54.72.0.164
62.76.25.27
63.251.86.51
69.173.144.165
77.123.132.42
79.171.117.17
80.211.42.243
81.222.128.16
82.145.213.8
84.200.5.215
85.192.12.169
85.192.12.173
85.192.12.174
88.198.250.30
88.212.201.198
88.99.63.132
89.108.120.68
91.198.36.16
91.198.36.78
93.90.198.147
93.95.100.117
93.95.102.105
94.23.153.171
95.163.155.37
00e059dfc2ec4c2e6e7c1aa8b8ff47c81a5d3764279bef81a18253e15ece8d04
00eb80989f249410ce3176bb7b305ca033847b5018eb6a13a3eccb849e91f3a6
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
01fc60c1d200f53aee72e8063192aaa53443dcdd7fc6d77038dbbcad76b5989e
0274d2561bec3ab100d1bc6bdedf3a1826e7d038fcb8345201a6e393c8d34bdb
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
037014418abbb78ae99c013b8f0cba0ceafc242d91970b77775f942862d7febb
03f2a36140bb0fcd71f5997bef76bcfc187184b0efbd7cfc40dc1143563fb865
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
04a52974d4a13710503badb4b5e1cda3fcb0dbd11183fc97e7869e2db19d4f6b
04a9bf6e7bae14ed12f392b5433187b4470b441fac7cef743c8fbdfacaea444d
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05c70f3690d6aed1c44e1e2bb08913175da3e97f5775e6b40a5ec3fe8599fe38
06432589bb496ce3791bde5ffbbe85f108a1193d939bb2bbf3a48edef277a08e
0667c9b68ef073ed98e3e67e7826cb617f7f04d6d253193afda8a8729e63ea3f
06b8a9f750cc161fdfde70296d4c64606c213496ae3e5d0ae9daad37220c0e1e
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09ff7a73860aa084bfaeadf5a01030f460be8a06aba876c9c5fa576324e3d58e
0a1ff67487bc5abf1d426fa3d6a16dd037f064cd6fa87c35f220b11e8568b075
0a4ee12a6285a20bd09b9b9f2c7970f73b5252f6fccf555abdd44528daa9d211
0ad9efa7148c3b033e0430aa47c0d7279c5fb9ae699f34cc794b361bc96171cd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b97744dde2b3ee6ab13cb7626c9b17a2b4e172443540db0ff7eaeb7140ea3d8
0bb7fb824921a639b60f79d5573b85ac59bf9ae8d2362db025264449f7fe5f56
0c50284cc9473b4b7e1e495b4a7aaf141f9a4406135b25cee8d1b48baa6aa0fe
0c6fb83ae4f7d30ea54fe287fce3534c8096bd78bde5ff3d4e9e4ef9acdcb837
0d8d71bdcae968558d46992970999923a5644067497dc156f3f888f517a58b9e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f48df046030dbf9a35dd57b4d1ca0a4d5d7b34656b12d1376ba4a37a15a2335
101bd20d6740539876841132caa69f3637622abf9b2f4f40d22bd66911499fd6
1068940d5f14980112d4266b138ea0c3ebcbbdc34f2751dc54b376cb6f224c20
119fa737c50473a776516edee3df72742b00338f92a4ccbf0d2e6eb3c57d14b0
13bebae9151b25db0d3b04fcffa4031f54fdfd3855d709c227de488e15fddb0c
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
16583ac39dca82c44dce08d71e074887aa602fecc879ea5b58b1c2ec71536ecd
167594c9892450f36327228c44fdf8f39a3ebbdcddef2497f30d5c488e296e31
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1826ccd21554f5d32b7bd32f328d7424d9ba1309ff33385531609b63de0a5512
1853ddc793848acbfa43a5afe955229d5b8bbeecfd3ea24d15e97625260c62f9
1861bd6d6ab18ab9d64fd725f5eb9babca7abdda259798c869035ff41fb1f85d
188f152805f768bf93f7d7e92bb712d22af33698b52f5973c38721c1eaad9943
18e54970c798f19562b1a660b78ded66dc7d01fd2645fbaee30ff124d221abe6
197cf23522be7aa20c00d1e9de90a2a5cb08082989f9bd1130a70c1f80b0177b
199219a286886204cb63366914c6e1e1a29cae3626805565499868d088ace98c
1a17af2c701fa22db24d5c1386ae78856736ed1a0f81569bae840a8773232adf
1ad97039c65fdfaaf7841fa4564e4b0563b3d716f5133e831b49665c96f2785b
1b037b77799e97db94ff9f268f42cfba560d87c5b9e066277a66a4c3bba02408
1b1ff06c8dd66d6496e62c7da45d3b3a5621d3a81138d653bdced79d789afb85
1b20840aa882bbc7bd8595ec7e03077559ab71ca1a84214305a895f86903bf6f
1b2b81b66c6fc3f222898b941077bc356faabb7b3509f9b9378f0d41f0d06dc1
1bc8e321648b3d400244641084731d33402c21d92847d0c72ad7d4f762d0f7bd
1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c
1c523db52f9286cb3ea7ecfc15f5ec3b8f1751ff76577d47a2b8ebb9b8b2abe2
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d21291ab239dbae8ede80b2bb56e945deb4bf9311a9f6003c023954008fb748
1e76dce64a976f22f41b037fb0389474d301af51005cc41537300206a4b60d64
1fda215a8d1c5e8a17a575fe1035d30789f924694bed162be4ebb5995d45b65a
2017cbe513d83844413f47b5bcdaefa9d7bf843cc23899999c51f6ad598d1c8e
20a86f89dc45664f4484a6c6aed9797af8150f2910dc6cdf3a52d8c5c14c5c0f
22bfb12584c9fb93c5bd786ec7325c0308d0bbbb5ce31f114e18c453b198c16b
23c457922f48e6e7385c0f6752ef457269b4e82fe464e643c68c295679ed858a
247402d58f01edb4d92d16ff313db1b88c0d91d83d071980210501126fcc7655
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a
25d9c4886777d3632a5e3bc099f4b41e3b4e46d73010aa2fccb4d3eff8c21489
260152ce49fdbda7b0f1e2f69d61ce39ba49de9a161971192cdf63af15207dbf
2765e7a2734a6719d3b846e7c6b316bc01d4a9f57bf4c4892de14685005c579c
27bfdb11f5445cc7e41f289f094a9218725aa2f94e9ab1abee28062262909e0b
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28bd829d5e8e92cb4a32fba29a6ee73953a7fb84ad79e49960a4d99ea220ac37
29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2d59fb9c729f04cd84799db8137a07593d1658c3a2827018284f74d705ccc629
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e70f2271afb9e3760af0356dfe58701562dbc81d97fea33048e758930d3c308
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fe078ef605b389e7581a3e3e8e316e4639fe60c84b47988617c94ad3dd4bf20
3042b5909bee937146f0f91aa20bdcfb0e2f69e66dec395cc8a8fea141ba8049
3117ef8de99c385baec23e1ff509a1cbdb1efec22548af8218108e58a9669216
339b535d5a2bdfeb3147d24d1eabba12ccf36fba176d4f5f98ea014b9d06eedd
33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357
34484acfdb270ba1f8e8cdc4730461ead417609a5a495566c688da8cad1fa2b9
34be38d133fe32063b42903021ab00b51e6ba9190777a9a331a323295e8cc4b9
3606f2a6bd75bf3cd1db03fa0853ec2289312b26f33b8e2d99c543a5bdcc25fa
365989e23708d595d48695140aeb2e048686a7c2839563da0f3bb91cb8b74fe7
36e1084e186cf1242d0ff4c759e17675fd6b5cf50a3348a21f3f8a1a662f6b20
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38dad5baf5936c66486d5bd9fdcad18bc12abe9e097beb43da851e5523f06c6c
3a0a066604448d75c52f260a437e6b8159f833fc8034972d49f7bc1ac9cf72de
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a
3d16c14d137652871fba612b412d90d35db5c3cec4a3e69839a60ba0c0a3ae04
3dbc72572bfe362f39a3252d5c52b44bcf076321f306ee7687939813f83be06c
3e22d1c1d99215388442686c38a44db6488a163a2085cc6d53ee5a310792255d
3e724d102e9bdc7dfaddd395c778e2e16c041aac0be0e5694811d0ad0e376c61
3fd9fae9cc3ac4b69c72b5639943e6b15a3b94f6f9cf8edbc1febce55a3c78c7
3fda86b14509e7ecd5db435f451ee122573f609bc0f51750a524023218735d75
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403538a0edbf91ae0c895b591716f99022985c5169bd74c6e61e4ae71ec4c38f
405010abddf7924481a04049bd7d38e476e3527cb0fbd4f5bdfbd0fef3f32b4e
4066c90f570d82554427cb534ec0d886d569f53c9d5b06fae0ac41a10061c913
4095bcfb1693e5866b7c06342e66b041385685367f848b00aedb4c73ea3a3d2b
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d
40dd8a285a92705da0f56bae63482a483cc99c07b7871e5dfaf65c68c2e3fa5c
417fd63c23a7c6e249b54002e965c6d3eda19e06b84a4ae80e226021ed2ac9a6
4256e6593e09392bdbcb4a073731ddc0daae7c340d69c76fd5b230b22f4951f4
42c1bc55a67369b68ff20d684d3be5182c5eabc3ba7e888d7ff1850043b4c09b
42d0dc038351933c39a36af4289bbe6c0b30cb680db1d429f326867fd49dcacd
4378c7a24b72ec7e67edb6dacfa54ad6a72f9bca63416c329260b3ebbeb4f93a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44165b160c17455d221eec73d5c50f1d56a37280de0fb00b68e9302bcd4976f3
444b1f2dbc00773bef5179ceba51ccb8cc355d80c3fbc36e925be3c38a9065ee
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
46f42c3bacdf581f8c4f782e77f341102bf127241ae4e724fc6f2066f9704b96
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
47513b4c359a86e05b5c26b9d002a067a88d6fa35e2226aa35b9c064afcd12ee
4753f90bdfdad30a348172526d878688da5f17f2798d68349c1e361114ce8378
47c72d70caa64da73cdff1a7cc9fbe4ed66901a3de42aeeaf121afcd6dc44264
47da719551bc09d8b7abad998f12535e5806007b8bd0ca0e3717ec05d1efe90b
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
4801e71f4a052b539122ccece472597f3dda8a0b0b0b45417da9805caa6f02eb
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4abacf83d9bda82ac7e00562f7a742d36500fbcc763bbcad563146367fc57a16
4b463a619c3ad52336074d4d0c301a005645836a4b34e268d5c3cefa8d6faab9
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4bfd9b887cd8d0cf60b23aacb1247c2878b150b6359c8f7941f6afc9c0a078c9
4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b
4cedf8e0d2f45de14d051cc8db7c4ebd78d17ea40616fa2aaa54c3355f7d6a92
4d0a1943c15d015900e69d6d46f9f96d2906fc4c99c0d3d4822ffc5e3f56768f
4df5c2eb2d24db25323c14e5f5325055c905bd1f1a999ac36b1f35a89057811e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb565264af26107bb37b1e495c4b4bf768cf212d74a9eb357249a67b5e64923
502b634866f59486b3fecdf629c3a92fb91612c02c1e93d6f056eb66528fe681
50c0e7d35d4fbad3aa77ec5ab625a64e3ca9b1daf9af619a3231b4c5e4d3bdaa
50eec93d5274ac06d5610614e839e9ba4cded7c6d72edb2a3056b08f14c79f2a
5231dabce25f64958411a59df83a182c4783c050022145fc0537daca5a1ddb94
5334e3cb148c9b10af31f3c5944aab8ac62b699f708ae48ca787d6544c38a592
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
547df87f4e2181df1d1f8d99ca91fb09d503756391a44b5f5bbbf581a6c74e4b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559951c03906bc44cc9cfa137af9b9e7c47296cb1b7b2f082fcc921c627168dd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ace3c3427288e2c4136823c3a7ddf32acdfbfa556cc69de8ec1a240f918b7f
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
59bf63344921528f50dfd99fcfe22618771ea0aa6774b773ecb0ac5e2cf4d7a8
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5aab942fa2cb8277ee4f869d38dea681d39442f06aa244354f9348dd8251a68d
5b06a4236625e9c6aa6c8458c7df695539d7a1c931b9cd652e3dd9ca43fd689b
5c0a9358d9648972ebf6c451d9db1f0372f343da97faefc965d0e1d07ea0418d
5c99c6aa718e55eb86dc4da4700d6e21c1b2cc21742d1c8a1620c6cabb944532
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5effc33fde9d03440d32ea66c88a27cc7bca7f82efb791039b9b6688e4294187
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60273e13fc866bcaee3b9ea5385ec5649ca2420ddb092ee8df6f8512908cad2b
6055024f7bfc6b5681f10a75e7d2c8f8ab556572613db77d9e8618181950e91d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622203097d25a8c7afa5b81fb33f3f015f98e38f865e1ec9eadd208261cf38b4
627a8966b58f68d23f4129cb264b47f19a8f391429a7cc8e05f96c5481ff37fb
62b96179654cac81191c6cd61d934f962be1f502dc14c763cc7e60a8d70a44bc
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
640326025d71b72e26143c8c6a675e93fe1f91e30546465dd0a66ec79a9423fb
65516c677f31b3dc7a46b25580752d407e4cf3b9c9f7edaa21b78c3dc5740266
6594c3c30e59be8ada5b6ae48bbea7248178680f9abd3a7abe8483aef110fbce
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
68ccbdb842f6a18570bf56e2e17845300d3a016a26a5b428bd47d6e464593259
6900957a35224cafc6db293f6f277a7cbf121bc8170c39cf93b827115d6baee2
69e4905a7f490fa3be1fabfa33b099036279b2f7727abda5d50daaf468951d6b
69e7791a1772852a0d705ef8dd343046b2fcc2c67254dc74b99b417f43f8a527
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd227955dbac482696a5b0a64e8cc0e55e7847512840d6d10fbffd87a1942b6
6bd485f0fd0abfd08c4f634047990358700c64697843afee1eb92bdb03b3157e
6c715057ef0d6847ff597eed16f540bcc3d3ff40ab8b276722cd6947749c30d0
6e6155f0fa718000a44c255b2b93cf36e3a7d63f6119f0692306ae2caa7bea06
6eb1d97374d7d109c419a5b5d30eb49e6e57095ceea9e60945301a0d359b32cf
6ecbec5ad3fff64f1ccbe2cd0af35dd44b73ca5080730bb73bd65d5a93b7dfcf
6ed4c0d7d61b2cb849041896ae944485604891dbe3c891dd3dbf4fbe86c6a697
6f24bb1d658a09e662f19a09227e586b040194bcc6e0fe7204dacfb3c1fdc1e0
6f98440b23d6e092b2088103dabd50a4091af72187cb61399301b2778dca1b6f
70981c629676bf7182926d5ef0a9299a0b1ad5f8a72155eef9e2090f084abfd1
70ddc3c62be6833fc77118ef9a54348be0b5545b227e70c2d9c17403420f70fd
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
74368695b5af312a44e53a8968969b6bcd5c62eaf30e6f66e2a8911aaf076aa2
751eda5cac1449dd6b059004d3e1b8e8def5c122ee7d2f57e77bec691fff31dc
7548dbf6ff83ed583dfb6d62a87364a673eb18403686b425248fdb4ffc00e753
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77359fb1be4169e497aa3f0d95db27545138343eba92589f8b27891eea6b3424
786fee4f218168667336172b2193b3cb92dbfb87954c308883b7d1f61f859eee
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7919a18a3ac32dc2f961d7a2a64f2bc3cd88508890adeadb6a57e59c5f0e4967
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a1e30f1bc06b771318233a41c45114a00485c8ae2f744ff2cad69863d04281b
7addd03f65296b66adfc423913f10acbbf697c267dc5b064da2eab0a2e4b2e43
7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235
7b69b7aa20f78f4f3d34340188accae54f1135fc5862fa4cc8c225f56e2fb77f
7d7dea60fa923ab7d7120f0c2e05888e781939006d0777b63ef9148ebdd623f2
7d9bcc81e48b4112faf64e433f9e0cebc46dfd0d6e6d161d443925bcdff7ee7b
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
7ee2c2fb62c3ff276b5e38b325b44c26becb66331c106d05dbf27b12ee22c3d4
7f12288a625f0e1672cc8825ca4a89d3d5514341b71f1f02f32dd7f15c407baf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
811d8a98333497981c83c099fbd4f0efac7a253043d1d2fa3beb4ddd551039e1
816327d42bedda9636ced140a4bdda724110239a2a17366ee1caa81e97e2299a
8198f85d22ef4ca10a2ad33821d24b2cb60f5951698eb151c2089c5e8e30c139
834f26b2cb7b9a1448b7cf89dde9d46398b6b4bffa398589bf983e53292d51bc
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
848cbbda196e725000414dcca5e3794b6934306bdf7c32ebdf0c6d77a1750df0
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
84d565061e82749bb38cc4a7c70297d3bf134a3074aff197428cb143ba75cacd
85070573083b76cc0d26795c5cc32a39b2dba7d82b6e19b2e2cc6c920684d345
864e83842d37ce8850240d3e2423084ddb17b56d5b03ee22a7b08ba2eed49382
887141ac69ccb8ecfaddb08bf1a9c90e7e29b95e6e922517d3e0361c9cec48da
88c4ce8d34a9daa60952a5e3c77f6a430e87ef15ad67d03105131dcdeb04131d
8936e16a9417d942b3aecb5898c9dd58041d4843f65d42769521e4cbcfb280e0
8a98fdda5bdd8393a234b00a122160f86caa54743845d4ef8eeaf34bed1b0934
8ae863a51c12dd551f5bae030efbf14bd97626cd69bd256056064dee9f2c0bf2
8b6d62cc08f25c06b1b5b28694abbf6598e4ad73cdc03127aafd05db8e6a9dcd
8bc887dc0ec7d844123d80c36b54293a9ea37b81d8b41b859e21c1007d5941f1
8bd379f35f7542aa283ad4208a2fdaff61b9067247619f8c0c945898d9e3be06
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8d6d630cb04d84da4e3e2e05c99e63487745ea09caf541e0e9063dab1b2c1d15
8dc3b246bdd50fb0e58757d0ea57926403274d2ac4a13ed41b6271a2a8c497d9
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8dde3293f8c39cc0652677137d24a8fc16ac011f895f19d0463eb5faded9c223
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ed65a1f398aae048cb73d56d05dc673c2a3f21c01ff8fe0f7a493a1f9c0ab8c
8f3394934a20dd91925276c7db49a257518ecdf869130c2ff60b471a720f53b0
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90c0de9d5a7b9acb175ab086051ecd0d8898f740dacbdf05905b55b4a6b5235d
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91319263d8c70cb70cde3e82c4fa397d8cf845d22252a8a51fd9b1b66a3171f2
91e066074e6f85c7b6e2a7e49657102bdcca606c6800d732877d0d5498e7722b
92ff6c3b9be470c8f1495c9a1f71bbe8d1d056f2ff9d86a469c2c10ff2c4aa04
93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d
9460a8d9acd74362273238c1b1e49fb058f44e482e4b22492540d735e556fc60
957183a7d41a580eba60c56b4cffe68a8e4ae33f6c603f03616058926ca8b6c1
9631138987a4fca1b9a2d01c9c9b7eb15eaebe7a14c81fa20172bfa881235a22
97a12eedbfeb92109fff2886ace297b87baaf1a346459724dd3387355592d772
97b4571a3ed92476de8c481c11a5d88ad8935ab99c0297ec0c0dffeb4eba9b91
98a24300b880ecccc7f78948d1ce5f1a070f00ec5d9b156bbc5c83d5992dffb6
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
9a2d91c3a6fc073bff83c85165fd5fa0f123fae65e5e5e442cb945bcdfcdd6c6
9a619aa7f52b56c57622b82d743a36de303dc3d54b4b9091c4f65d413fd0a70f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b10cc8dc956b57c2d04b5ef224fb116dc59ccb7152b5e026901c7e058185c39
9b2e4e684cdadbc294776f003aca54c0b210adabebaf526e8a8201b8846c9a45
9bd5945215c69f91f909c6fd42a0c42c569ff1a3a145289c8a69ebc5cb56ee4c
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
9d912c7841acb6149fb3e35aac95d7597bd230e7a6d89e1def9569c5f19578a7
9e2504a28c0c79b6a5bcb5b1a9012dbdd69cb3ac4eff1b64162c4cbcef5d996d
9e8ae291c9c65abe55cb5eea61e1752c50d4851c61e5bd35945979636b5eb3f9
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
9fd72153ba3e8a36d7e6a93d9bd5acb61f8f1cde905b95955a10761aa7e3636d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a076550ac29a200be5f041eda4ef09f4c23d3aeb019311a49707482528b97064
a0a8aafea7c182cd50d239de71da565129cb1110563f5c87ede4f0bdd740008f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b1f7ad22581667142351286e70948d2a0632ccf6882c00e981f03ef83776f8
a213a54c178ddf3123f85eaa4fc04d3dbb8693b9d296679544e36d3f8cf58fa9
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a31dcbc49a84f26a46fa648b568935c37576607df450b198cf3e9098a6189b53
a3f4ad6375ac8bdb6c4f24d9b6b18501dcf920c63842f636679fc3af44a3e47b
a417a4556116caa8a777aaccbedc27fe4854de9a34f4de2912582c09630a8450
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a5e6ae784afecb52d95c4460d9c16d8e3ed26714b42b43eec57824297946bc86
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a81b3f5f9d509e819904278d65030ffae579dae6740e59360f472c5fed2b4f23
a892934a8179f503669049b2fea18ba3b8957735c3431ca272c286dfdb926acc
a8fe18ac6f5ce1b917be353b8174d1d8e648abf15bff7191d4d05b9dfe29ee66
a91fb7b3751e54fc8c83379f84ae44b43bba458687255e4dc82b3ea4f259ea8f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac7efc4fbcd73d073d6f4a2e98d8d2665b856bbb85830090d5fd5529fa642aeb
ac907e5651c5b75920569ddb3b0a8eab5056abeb2e1c98cee658dda94f709122
ad96d0568ffea05fde2ad18d2ee5ed1e090950a1c55dccb10ffd59f5978a69b0
ae07ae363826bb4478d2028eebbf5b01267fa4afa9af5aec85e00ac13c3e8736
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b18ae28b560a2ae577e41ff4900508751852e230b8208cea3d1964de850ef1bd
b267a4cc065aca882faaa89c18de0dbf47ed477b17aa66cb4e7b0a7ec0500de8
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b390b7721c921342a5b9867bd563fb86cf465bf7204bcf1fd686014c1b897676
b4a6f0f4630a28a6f291d78532d525ce78d3eac5cee29f19b7cdf14cb4b135aa
b67b9b4083bd8320f5f79b893ca137abcab9bd7e2636d5683e1c34624793956b
b6faf280d0d6dc55b7b8483892fece7347a8a6ab9b5f54e9beb10c3a7376bff0
ba4b853d4279e5668739fe17d2ab02e98d0d04178b7d06c8bf1372a22b4163e8
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
bac85db2b623ddda7b7a390480cd4e305eb78e1c8fb7db6787502244c5a4a53a
bacf5d2cdcb9e75599240481a7a703be7aacb54e21cd79eca6f911e1654b546f
bae120caab6b4089f05f324a01e178189b1c639e0185de48c63628659b8c8593
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb8469d6840e62c2077575d82966ba9c8494f36ff153dc9849099de728fd0b74
bc634d28fb9058d4c6dc7326010e7c146b303addaed3e35380c44b4cf552f0d6
bd1921065dc2b974eeba17a2617c121528af4dcab92c688db4d249f4aeca802a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bda73abcec180b21d406cd02fdb7819c8baef2d337f1b85fd001e4fc2caa7c3f
bdb3d3edb1b60ab841da073b2b059f994f439e25d2c7ebe8e9a2831056aa0c8a
bfc4d20d13a3ff3ff75021c5a5aea730ee3898b7c9199a8422f84ff6c3c7c7c0
bff6fe2953477c19b112787a90875cba98f8fc5204e4c455fa3a70f700188269
c1886d63d3c5161dd67737d6fcc76e041f04ef3e391515b27fa7aa876c6e2e5e
c1b9570fbda05a8c7581fca7882e8337cf26285ae607b2ba040c7805ff7b79f4
c204114b876a9686bc7ed4d2cf1c5afb633128d28d9297076c46133531cbae0d
c393c9c4d935997e6da7c6c2482eb63bc7c52425bf7b44be1a2d70dbf3093394
c3b35e5bd9b98444134f837646351530dbad1aafabf7c123103d71d106207203
c47059aea1c35a75cce187a3921d7f7da3a2947879b6b6b4fce5fb1abab844b6
c4e0888c40cfca458708441e611877ea3facd789ffc92acf54a49cc45982d833
c4eabd4d494e2ba5a8f90e710fb3f5a116bb99a740b84f789cfe78628ab1df8f
c573c21debe8f7588afcb026dcbd7e593d5dde657cbefc22be675f691fcf253d
c657a546415a348f48b90dd41a0014c4bd984ab8d50577c257c771e140e8db6f
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c6f7e013559d55c96d0175a0fe0b25bfc684cf6db0a2e2c1dc1efeca8ac5942b
c70e3c0db90a8461e326b4ef6759e9250f3acb722bfb2db60302d284ca13a7f6
c782b872b7b1cf17e389f882ec50ceef0f66d90b499addface7106540ab4fba9
c7d8dc8d45c3367c5b3de62a0b6c693c16671df2bbfecfe274b7a9e63900fa08
c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251
c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a
c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
caf67d3a291567f01818e6d5a6c1397cd7e20abf7c03962ee8244016410b213c
cb451c36af74dd91259362b73cb59da7b3a60ce035743be1e4220ea57a83dfbd
cbced7e6cbff109258ba21fed32b25a7ca813b76fb5b55b7a9d1b00490badc40
cc17d109139a33b161c661f209fc503ee7fcf8f7ebbbf3aaf535ed0ab2b8cc89
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cd369a3da69be23d0a862675c6ee71e362404efc35c0c6d8fc8ab2881a01a00f
cd47e3d673d72298c0518c4b3d99ec9bfffb3a1cabfe824e2f6559d53029e09c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe2d4458c85c745953b0c08a83637cd9ea36ee1692489c37e0a1671b949c5f8
d00d07904d0e6271ebef873c9137ac45e0b2e6b7c3c043e161fd68dc08f326c4
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0eae84480a2a08525135edafc70eb7ef4011cf69a78a592ba103c3b13a0711c
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d2683f94ce8822ebc0d92d7c16c84ac4cddfb20b7c483cb4800e34fa16b47190
d279eb69392bd47fbdd1a254f4f5606e87341be63178168283a530c1d9d96bea
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d323821624abb4ad37554fcbba8182255feca63eb247a289c69f2e30f4012f9b
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5
d56b0735bad3b66b98293e8d93959d2492410370752022e53c312011b27f2f06
d5dc3810d345b69ede6455734f4efcd13ed56b902668192e7d2004c171591a8b
d696c3e7e3bf6e3ec6aa2a40a611a00074006680687fd264bb002b62c8658f24
d6f897588905532ea55aa45204276fdb94a1d262632f4a4024816e99e8da4dbd
d8b09ee8c9dc1d1dd7bd384aebce89abe8d407667cf2e62d8e94a634de017c71
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544
d98786d0d1f2ea3270d27f459db6be4a334c26b364e79f8f0d106c274aac2200
d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0
db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114
dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff
dda309f29ad8d597bc83025e42ef7185f4433811c1dcb78368d5c1d9d231ac48
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e38c3a440173e613f112ccab52570ecd4069cf7c3397f91a93f130987c85ef24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b209dbe2f8ee872780c7e434e26a966f896b16dbe63f0898f393d0373d974e
e461f1fc8c8c579ce2cfd14d323e118b437217a5deedd3d7e59e0a9d7e944b1c
e51ef5dc062045d7af637675efe37c4d85d7b7e57d2b0d86d2d4aa8c3e9cf37a
e6bae7b39571a75bfc832921f67e8baecda1ad303c43049bc3c54e50cc78f2f0
e8bcbffbb8d6c67382224ce3dcc606693d1ffe08545805c167be22f9f0ab12fa
e8d68fa002da64c84f32aaee0e3ab5d5e7c8b97448f7028921497ba7e9d9753b
e96eee614efc0ae28e4949b5caff49a2bc802d2d0ccd9c8159e1ce7e025f0f77
ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb3fc4da48131833f13ed5fd7635907767360a3a6bc025e880110b2cffc0e4ac
ed33f4e9416dd896ef6b963935988b1b97daf3729899c1d189ac476cd64aea81
ed7d00600fd5b5ba790a95b1a3be78c4048f75ff0dc832a9fc994f4f071d4971
ee42810653ae6607359eb0296f06ff7ffdd36838ca17b282c0cba262bce526a4
eeadec76a19d9fa4f968ac0d16090fde842b4b8c32bcb5329679f9a1fee0542b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9ca420ca4ade671af87887f2a0849f4a8044ebd9656095439df8c0b7834412
f01b752cb87ccd902b3615e52a70d912bdeab11e7e8448a4feab97a6948b686d
f0519cf59735526c06d770daf25ccbcfd671b85ccf66a0899a38164547402d7f
f1630b05ad6b3cfa55d0ff023eecc5f88c987af34e131f29d2184c3dca54492e
f17e1bb980e7d0fe619b9a0c533e583490cee54edefdedd55d2c7a826f67ccfe
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f2ae8d6c068a93af1f13d8da22038ade92fdb6c927038bcdecc430406715aa93
f30711901769b5fad09214da2177589c15425a1748c77d332334fd15ed7859b9
f3e078f8c284e90bb462895b26ce4db64cdcfa4d077459060c350d8ac54e30fc
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39
f496f4baed5ae06903f102b282619b7b25b7325a9bf273ef6bd700c56d475dd5
f4f8aff8772cabdb04b06674f3971e095a50793d1fdc29818108d334321d6165
f5a313736b50d48f81f0f80f58583ae930af91bfbaa5f6fa251142926015c09b
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f80ff6111a2b83f8b439ade40821c168a0a97d506607a374140bc28e4eba4f20
f8dc66a646d00dcaa6a2204e194a8b209b9c5bbf6251b4f93b9824c62ab51317
fa5e6d87814b03c3030d6cffd0a4e3c01865fc72ac833baa917c5e776873a218
fa6c76fa83584ee30e11e6e6391b5f2991e8cd45c4cb4e66fd0fcdb1bb5a70c4
fb875858831be2686e67ca7dd51f69ec152d5cc08144ffdae6286b793c579467
fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9
fc99180bf7b8db9c293d6bb9672fa44c364adea1a31f1618c5a7de8bb88e9d6f
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
fd31492944e153803bfb1638bb658e97f7bdbe526e522163cd181d1445cb57a4
fdf5338d4f291bc32f81ce7560eda9ec192bf120d2ee02743c8984d8faa65ae6
fe6e721f3d866504c2f261161033d84e5c6b4fe62cf85228ba8f9cbccb694a0b
fed2f215f9768109087baebaa67d381be63b40019e7af6e1ed261eeede171270
fed4e028d93691a9c5f12b2bdbb0ecf1c903918f313fdf3441b4028a0cbcd079
ff52cd6fa87197e500ac404574525aeeb1b9d184f90a74e19197f6fc159e6107
ff5519f34c597a797a11305ff631c3f1e8f6dd88379f1027d4a129a8c8e357c7