freshnovosti.com Open in urlscan Pro
185.14.29.4 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://freshnovosti.com/
Submission: On November 13 via manual (November 13th 2020, 1:39:37 pm UTC) from GB

Summary HTTP 67 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 28 IPs in 8 countries across 30 domains to perform 67 HTTP transactions. The main IP is 185.14.29.4, located in Netherlands and belongs to ITLDC-NL, UA. The main domain is freshnovosti.com.

This is the only time freshnovosti.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	185.14.29.4 185.14.29.4	21100 (ITLDC-NL) (ITLDC-NL)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:f480:1:f... 2a03:f480:1:f::d1	198068 (PAGM-AS) (PAGM-AS)
1	94.250.254.251 94.250.254.251	29182 (THEFIRST-AS) (THEFIRST-AS)
1	95.213.245.155 95.213.245.155	49505 (SELECTEL) (SELECTEL)
1	2606:4700:303... 2606:4700:3031::681b:a502	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.137.240.21 195.137.240.21	29389 (ASN-UNIAN) (ASN-UNIAN)
1	92.61.19.234 92.61.19.234	35558 (IZHNET-AS) (IZHNET-AS)
1	5.39.69.152 5.39.69.152	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3033::681f:5d84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.17.120.134 185.17.120.134	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	77.222.57.181 77.222.57.181	44112 (SWEB-AS) (SWEB-AS)
1	87.236.16.36 87.236.16.36	198610 (BEGET-AS) (BEGET-AS)
1	207.180.255.39 207.180.255.39	51167 (CONTABO) (CONTABO)
1	2a0a:2b43:69:... 2a0a:2b43:69:6a06::	35278 (SPRINTHOST) (SPRINTHOST)
1	82.165.249.200 82.165.249.200	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
1	31.131.21.126 31.131.21.126	56851 (VPS-UA-AS) (VPS-UA-AS)
1	95.142.204.171 95.142.204.171	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
2	91.239.235.252 91.239.235.252	196645 (HOSTPRO-AS) (HOSTPRO-AS)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
67	28

20 185.14.29.4 (Netherlands)

ASN21100 (ITLDC-NL, UA)
PTR: 68067-36317.hyperdomen.com

freshnovosti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:f480:1:f::d1 (Estonia)

ASN198068 (PAGM-AS, EE)

dizajninterera.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.250.254.251 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: sqezo.ru

dizainmetrov.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.213.245.155 (Russian Federation)

ASN49505 (SELECTEL, RU)

m.alterainvest.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681b:a502 (United States)

ASN13335 (CLOUDFLARENET, US)

narodna-pravda.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.137.240.21 (Kyiv, Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua

images.unian.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.61.19.234 (Russian Federation)

ASN35558 (IZHNET-AS, RU)

site.igis.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.39.69.152 (France)

ASN16276 (OVH, FR)
PTR: www2.gerchikco.com

gerchikco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::681f:5d84 (United States)

ASN13335 (CLOUDFLARENET, US)

hotel-a.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.17.120.134 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: dizainvfoto.ru

www.dizainvfoto.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.222.57.181 (Russian Federation)

ASN44112 (SWEB-AS, RU)

www.domashniy-uyut.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.236.16.36 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.liberty.beget.com

balkon4life.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.180.255.39 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: m11639.contaboserver.net

otoplenie-expert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0a:2b43:69:6a06:: (Russian Federation)

ASN35278 (SPRINTHOST, RU)

mainseller.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.165.249.200 (Germany)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)

www.russsteuer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.131.21.126 (Rotterdam, Netherlands)

ASN56851 (VPS-UA-AS, UA)
PTR: 126.21.131.31.eushared06.twinservers.net

eurosiz.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.142.204.171 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv171-204.vkontakte.ru

sun1-25.userapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.239.235.252 (Ukraine)

ASN196645 (HOSTPRO-AS, UA)
PTR: guru-ua1.hostsila.org

bravo-sp.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	freshnovosti.com freshnovosti.com	810 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	197 KB
5	yandex.ru 2 redirects mc.yandex.ru	96 KB
5	doubleclick.net googleads.g.doubleclick.net
4	gstatic.com fonts.gstatic.com	55 KB
2	yandex.com 1 redirects mc.yandex.com	368 B
2	facebook.net connect.facebook.net	62 KB
2	bravo-sp.com.ua bravo-sp.com.ua	130 KB
1	facebook.com www.facebook.com
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	803 B
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	642 B
1	userapi.com sun1-25.userapi.com	103 KB
1	eurosiz.ua eurosiz.ua	45 KB
1	russsteuer.de www.russsteuer.de	261 KB
1	mainseller.ru mainseller.ru	152 KB
1	otoplenie-expert.com otoplenie-expert.com	31 KB
1	balkon4life.ru balkon4life.ru	40 KB
1	domashniy-uyut.net www.domashniy-uyut.net	84 KB
1	dizainvfoto.ru www.dizainvfoto.ru	251 KB
1	hotel-a.ru hotel-a.ru	91 KB
1	gerchikco.com gerchikco.com	41 KB
1	igis.ru site.igis.ru	38 KB
1	unian.net images.unian.net	39 KB
1	narodna-pravda.ua narodna-pravda.ua	76 KB
1	alterainvest.ru m.alterainvest.ru	232 KB
1	dizainmetrov.ru dizainmetrov.ru	248 KB
1	dizajninterera.org dizajninterera.org	80 KB
1	googleapis.com fonts.googleapis.com	1 KB
67	30

	Domain	Requested by
20	freshnovosti.com	freshnovosti.com
6	pagead2.googlesyndication.com	freshnovosti.com pagead2.googlesyndication.com
5	mc.yandex.ru	2 redirects freshnovosti.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	mc.yandex.com	1 redirects freshnovosti.com
2	connect.facebook.net	freshnovosti.com connect.facebook.net
2	bravo-sp.com.ua	freshnovosti.com
1	www.facebook.com	connect.facebook.net
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sun1-25.userapi.com	freshnovosti.com
1	eurosiz.ua	freshnovosti.com
1	www.russsteuer.de	freshnovosti.com
1	mainseller.ru	freshnovosti.com
1	otoplenie-expert.com	freshnovosti.com
1	balkon4life.ru	freshnovosti.com
1	www.domashniy-uyut.net	freshnovosti.com
1	www.dizainvfoto.ru	freshnovosti.com
1	hotel-a.ru	freshnovosti.com
1	gerchikco.com	freshnovosti.com
1	site.igis.ru	freshnovosti.com
1	images.unian.net	freshnovosti.com
1	narodna-pravda.ua	freshnovosti.com
1	m.alterainvest.ru	freshnovosti.com
1	dizainmetrov.ru	freshnovosti.com
1	dizajninterera.org	freshnovosti.com
1	fonts.googleapis.com	freshnovosti.com
67	31

This site contains links to these domains. Also see Links.

Domain
prestigekd.ru
www.timberbud.com.ua
greenwood-ua.com.ua
cbt.center
www.0412.ua
termoradosti.com.ua
megasliv.biz
eurosiz.ua
bravo-sp.com.ua
poiskautobot.com.ua
no

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
www.dizajninterera.org Let's Encrypt Authority X3	`2020-09-25` - `2020-12-24`	3 months	crt.sh
dizainmetrov.ru Let's Encrypt Authority X3	`2020-11-05` - `2021-02-03`	3 months	crt.sh
*.alterainvest.ru Sectigo RSA Domain Validation Secure Server CA	`2019-12-30` - `2021-01-11`	a year	crt.sh
narodna-pravda.ua Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
images.unian.net Let's Encrypt Authority X3	`2020-10-27` - `2021-01-25`	3 months	crt.sh
*.igis.ru Sectigo RSA Domain Validation Secure Server CA	`2019-11-20` - `2020-11-19`	a year	crt.sh
*.gerchikco.com RapidSSL RSA CA 2018	`2020-01-29` - `2022-02-27`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-19` - `2021-07-19`	a year	crt.sh
dizainvfoto.ru Let's Encrypt Authority X3	`2020-10-30` - `2021-01-28`	3 months	crt.sh
www.domashniy-uyut.net Thawte RSA CA 2018	`2020-01-28` - `2021-02-26`	a year	crt.sh
balkon4life.ru Let's Encrypt Authority X3	`2020-10-21` - `2021-01-19`	3 months	crt.sh
otoplenie-expert.com Let's Encrypt Authority X3	`2020-11-09` - `2021-02-07`	3 months	crt.sh
mainseller.ru Let's Encrypt Authority X3	`2020-11-08` - `2021-02-06`	3 months	crt.sh
*.russsteuer.de Encryption Everywhere DV TLS CA - G1	`2020-07-11` - `2021-07-11`	a year	crt.sh
eurosiz.ua Let's Encrypt Authority X3	`2020-10-03` - `2021-01-01`	3 months	crt.sh
*.vk-cdn.net GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
bravo-sp.com.ua Let's Encrypt Authority X3	`2020-10-23` - `2021-01-21`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://freshnovosti.com/
Frame ID: DF039A714C1A70E69D1DC358B45E6B41
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201111/r20190131/zrt_lookup.html
Frame ID: FA3365D604DA1720334A1C4CC6B29C9F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3806721633471347&output=html&h=250&slotname=3899499174&adk=398568833&adf=626024076&pi=t.ma~as.3899499174&w=306&fwrn=4&fwrnh=100&lmt=1605274759&rafmt=1&psa=0&format=306x250&url=http%3A%2F%2Ffreshnovosti.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605274759827&bpp=14&bdt=675&idt=95&shv=r20201111&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4874509021508&frm=20&pv=2&ga_vid=1843935836.1605274760&ga_sid=1605274760&ga_hid=365944268&ga_fc=0&iag=0&icsg=12577471&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=924&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067981&oid=3&pvsid=3659319237673190&pem=25&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rwbnPjslw0&p=http%3A//freshnovosti.com&dtd=116
Frame ID: FB7CD562CCF43EE7DB684EBBA05B7A4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3806721633471347&output=html&h=1052&slotname=5021009151&adk=3141642219&adf=3755357336&pi=t.ma~as.5021009151&w=306&cr_col=1&cr_row=13&fwrn=2&lmt=1605274759&rafmt=9&psa=0&format=306x1052&url=http%3A%2F%2Ffreshnovosti.com%2F&flash=0&crui=image_sidebyside&fwr=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605274759841&bpp=4&bdt=690&idt=112&shv=r20201111&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=306x250&correlator=4874509021508&frm=20&pv=1&ga_vid=1843935836.1605274760&ga_sid=1605274760&ga_hid=365944268&ga_fc=0&iag=0&icsg=549448383&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=924&ady=1207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067981&oid=3&pvsid=3659319237673190&pem=25&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CDzZ1MidPd&p=http%3A//freshnovosti.com&dtd=115
Frame ID: 7630D771284ED6F803D9483CF22FB4D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3806721633471347&output=html&adk=1812271804&adf=3025194257&lmt=1605274759&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Ffreshnovosti.com%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605274759971&bpp=1&bdt=820&idt=1&shv=r20201111&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=306x250%2C306x1052&nras=1&correlator=4874509021508&frm=20&pv=1&ga_vid=1843935836.1605274760&ga_sid=1605274760&ga_hid=365944268&ga_fc=0&iag=0&icsg=549448383&dssz=23&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067981&oid=3&pvsid=3659319237673190&pem=25&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=8
Frame ID: 26FBD6E8B53F1A8A4A3A83B5A42B76BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201111/r20190131/zrt_lookup.html?fsb=1
Frame ID: 5F875A0F88AF86AE74799198909E1B77
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=false&app_id=503595753002055&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df160ebc05878e24%26domain%3Dfreshnovosti.com%26origin%3Dhttp%253A%252F%252Ffreshnovosti.com%252Ff1560f11ab3f74c%26relation%3Dparent.parent&container_width=306&height=600&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%25A4%25D1%2580%25D0%25B5%25D1%2588-%25D0%259D%25D0%25BE%25D0%25B2%25D0%25BE%25D1%2581%25D1%2582%25D0%25B8%2F1681850518703308&locale=ru_RU&sdk=joey&show_facepile=false&show_posts=false&small_header=false&tabs=&width=300
Frame ID: 900D6647A8F2C5394779F68A32F2866A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: EA2449E4FAA689933C5C90CA9C25E0E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

67
Requests

69 %
HTTPS

44 %
IPv6

30
Domains

31
Subdomains

28
IPs

8
Countries

3208 kB
Transfer

3986 kB
Size

6
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://prestigekd.ru/catalog/myagkaya-mebel/divany/
Title: купить диван в Калининграде

Search URL Search Domain Scan URL

URL: https://www.timberbud.com.ua/
Title: https://www.timberbud.com.ua/

Search URL Search Domain Scan URL

URL: https://greenwood-ua.com.ua/poxudenie-kontrol-vesa/tabletki-dlya-pohudeniya/
Title: заказать таблетки для похудения

Search URL Search Domain Scan URL

URL: https://cbt.center/articles/sovetniki-foreks/
Title: советники Форекс

Search URL Search Domain Scan URL

URL: https://cbt.center/
Title: Центр Биржевых Технологий

Search URL Search Domain Scan URL

URL: https://cbt.center/articles/spot-foreks/
Title: спот Форекс

Search URL Search Domain Scan URL

URL: https://www.0412.ua/list/251243
Title: https://www.0412.ua/list/251243

Search URL Search Domain Scan URL

URL: https://termoradosti.com.ua/shop/infrakrasnaya-panel-otopleniya/f-91_304_keramicheskie/index.html
Title: купить керамический обогреватель

Search URL Search Domain Scan URL

URL: https://megasliv.biz/forums/remont-i-stroitelstvo.29/
Title: Курсы по недвижимости

Search URL Search Domain Scan URL

URL: https://eurosiz.ua/
Title: магазин спецодежды «Евросиз»

Search URL Search Domain Scan URL

URL: https://bravo-sp.com.ua/catalog/specobuv/
Title: фирменная спецобувь купить в киеве

Search URL Search Domain Scan URL

URL: https://poiskautobot.com.ua/kupit-jaguar
Title: Вот ссылка

Search URL Search Domain Scan URL

URL: http://no/
Title: Yulduz

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

http://connect.facebook.net/ru_RU/sdk.js HTTP 307
https://connect.facebook.net/ru_RU/sdk.js

Request Chain 57

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9091.uU2Gn-YWcWCn2Y0yt1aAVDCq4XEVElcleU8cnhQqCZgmfS7t8Cboyk3bTjGOCzIT.mke7zGgXYh65Zw1ivNMq1UA9Hy4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9091.Sb1Xzlu4F0ojWuBsq07UsNjzF9Tj0Fu0pK_YLj71vm2vUNmFju0VnWvSCVg4p2CpFydGctva3St4t7Km0tG9OA%2C%2C.r-J2RwwpEBkVs68pA4Vsn5oqsw0%2C

Request Chain 60

https://mc.yandex.ru/watch/43988644?wmode=7&page-url=http%3A%2F%2Ffreshnovosti.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605274758274%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201113143920%3Aet%3A1605274760%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1063129464705%3Arqn%3A1%3Arn%3A736599539%3Ahid%3A732346730%3Ads%3A16%2C17%2C840%2C692%2C0%2C0%2C0%2C807%2C22%2C%2C%2C%2C1684%3Afp%3A1199%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605274760%3Au%3A1605274760318842118%3App%3A3629563401%3At%3A%D0%A1%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20-%20%D0%A1%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BF%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%88%D0%BE%D1%83%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%D0%B0%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0%2C%20%D0%B0%D0%B2%D1%82%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D1%84%D1%80%D0%B5%D1%88%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8 HTTP 302
https://mc.yandex.ru/watch/43988644/1?wmode=7&page-url=http%3A%2F%2Ffreshnovosti.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605274758274%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201113143920%3Aet%3A1605274760%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1063129464705%3Arqn%3A1%3Arn%3A736599539%3Ahid%3A732346730%3Ads%3A16%2C17%2C840%2C692%2C0%2C0%2C0%2C807%2C22%2C%2C%2C%2C1684%3Afp%3A1199%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605274760%3Au%3A1605274760318842118%3App%3A3629563401%3At%3A%D0%A1%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20-%20%D0%A1%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BF%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%88%D0%BE%D1%83%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%D0%B0%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0%2C%20%D0%B0%D0%B2%D1%82%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D1%84%D1%80%D0%B5%D1%88%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8

67 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
freshnovosti.com/ 99 KB
99 KB 874ms
841ms Document
text/html 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 / PHP/5.6.40
Resource Hash: 5ae589a0fb0e44940b7c6ca08a26120822de5abb0975eb760dcde34ed9d33f9d

Request headers

Host: freshnovosti.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.16.1
Date: Fri, 13 Nov 2020 13:39:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Link: <http://freshnovosti.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: wordpress_c0fe7071bec0eba6b34820dc2e54a9ad=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-content/plugins; httponly wordpress_c0fe7071bec0eba6b34820dc2e54a9ad=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-admin; httponly wordpress_logged_in_c0fe7071bec0eba6b34820dc2e54a9ad=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly

GET
H/1.1 200
OK style.min.css
freshnovosti.com/wp-includes/css/dist/block-library/ 52 KB
53 KB 72ms
55ms Stylesheet
text/css 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://freshnovosti.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.1
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Fri, 24 Apr 2020 15:32:14 GMT
Server: nginx/1.16.1
ETag: "5ea3067e-d159"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53593

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
freshnovosti.com/wp-includes/js/ 14 KB
14 KB 145ms
36ms Script
application/javascript 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://freshnovosti.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.1
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Tue, 05 Nov 2019 22:04:02 GMT
Server: nginx/1.16.1
ETag: "5dc1f1d2-364d"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13901

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 36ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext

Requested by

Host: freshnovosti.com
URL: http://freshnovosti.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42c27556e70f050098725b8f09ef40e4cd772cc252e1b4cd3d7bb95a837537be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Nov 2020 13:36:53 GMT
server: ESF
date: Fri, 13 Nov 2020 13:39:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Nov 2020 13:39:19 GMT

GET
H/1.1 200
OK genericons.css
freshnovosti.com/wp-content/themes/twentyfourteen/genericons/ 30 KB
31 KB 79ms
61ms Stylesheet
text/css 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://freshnovosti.com/wp-content/themes/twentyfourteen/genericons/genericons.css?ver=3.0.3
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: 4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Thu, 18 Aug 2016 19:28:08 GMT
Server: nginx/1.16.1
ETag: "57b60c48-7945"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31045

GET
H/1.1 200
OK style.css
freshnovosti.com/wp-content/themes/twentyfourteen/ 76 KB
76 KB 77ms
57ms Stylesheet
text/css 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://freshnovosti.com/wp-content/themes/twentyfourteen/style.css?ver=5.4.1
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: a6165c18dd448493d25e472466233f4dff3ade2007712953c5c65676f69a9765

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Thu, 18 Aug 2016 19:28:08 GMT
Server: nginx/1.16.1
ETag: "57b60c48-12e4e"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77390

GET
H/1.1 200
OK 323fe114721a2ce3005cd74084dec285ed781aef.css
freshnovosti.com/wp-content/sedlex/inline_styles/ 5 KB
5 KB 73ms
54ms Stylesheet
text/css 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://freshnovosti.com/wp-content/sedlex/inline_styles/323fe114721a2ce3005cd74084dec285ed781aef.css?ver=20201113
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: b8c153cdcfcca149ad2b5071c16066977d6ea4d9afe4978c99857e37142fd7c7

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Sat, 15 Aug 2015 10:30:29 GMT
Server: nginx/1.16.1
ETag: "55cf14c5-150d"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5389

GET
H/1.1 200
OK jquery.js Show response
freshnovosti.com/wp-includes/js/jquery/ 95 KB
95 KB 73ms
54ms Script
application/javascript 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://freshnovosti.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Fri, 17 May 2019 04:25:54 GMT
Server: nginx/1.16.1
ETag: "5cde37d2-17a69"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96873

GET
H/1.1 200
OK jquery-migrate.min.js Show response
freshnovosti.com/wp-includes/js/jquery/ 10 KB
10 KB 105ms
36ms Script
application/javascript 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://freshnovosti.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Fri, 20 May 2016 06:11:28 GMT
Server: nginx/1.16.1
ETag: "573eaa90-2748"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10056

GET
H/1.1 200
OK 37ab92e74053e6fa5e2b1e9da30a9dfd1ce2fcca.js Show response
freshnovosti.com/wp-content/sedlex/inline_scripts/ 12 KB
13 KB 107ms
35ms Script
application/javascript 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://freshnovosti.com/wp-content/sedlex/inline_scripts/37ab92e74053e6fa5e2b1e9da30a9dfd1ce2fcca.js?ver=20201113
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: a6eaed06705e9add9fde5b7e790cb437d8952a4e3eb20437e4ecb7d2d45a913c

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Sat, 15 Aug 2015 10:30:29 GMT
Server: nginx/1.16.1
ETag: "55cf14c5-3118"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12568

GET
H/1.1 200
OK 54e108ef30f654d23f7e30556a1016ba.jpg
freshnovosti.com/wp-content/uploads/2019/05/ 220 KB
220 KB 37ms
37ms Image
image/jpeg 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://freshnovosti.com/wp-content/uploads/2019/05/54e108ef30f654d23f7e30556a1016ba.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: 26e26d13245e9db6d553bd19749de761f28dad90dc88a2fd323dc20aa72750df

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Tue, 21 May 2019 14:07:59 GMT
Server: nginx/1.16.1
ETag: "5ce4063f-36ff1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 225265

GET
H/1.1 200
OK Divany-2019.jpg
dizajninterera.org/wp-content/uploads/2019/04/ 80 KB
80 KB 162ms
63ms Image
image/jpeg 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dizajninterera.org/wp-content/uploads/2019/04/Divany-2019.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 1493de77c3001506971e67e9e687739661ad224bf6e818d4ddc5a9da74f4a692

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Sun, 21 Apr 2019 18:13:36 GMT
Server: nginx/1.18.0
ETag: "5cbcb2d0-140ea"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 82154

GET
H/1.1 200
OK Divanyi-2017-goda-9.jpg
dizainmetrov.ru/wp-content/uploads/2017/10/ 247 KB
248 KB 294ms
105ms Image
image/jpeg 94.250.254.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dizainmetrov.ru/wp-content/uploads/2017/10/Divanyi-2017-goda-9.jpg

Requested by

Host: freshnovosti.com
URL: http://freshnovosti.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

94.250.254.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

sqezo.ru

Software

nginx/1.12.1 /

Resource Hash

372daa4adfcf15535b37fa606966029dd02004c82a5725e597e1806abe50efab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Fri, 20 Oct 2017 15:36:00 GMT
Server: nginx/1.12.1
ETag: "59ea17e0-3dd01"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 253185

GET
H2 200 df101104bff8cc4fcf6f42f815f03ed1.jpg
m.alterainvest.ru/upload/iblock/df1/ 231 KB
232 KB 233ms
54ms Image
image/jpeg 95.213.245.155
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.alterainvest.ru/upload/iblock/df1/df101104bff8cc4fcf6f42f815f03ed1.jpg

Requested by

Host: freshnovosti.com
URL: http://freshnovosti.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.213.245.155 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

5e2642ce3f8ade4e0e4282f1adfd054d49742dbc87af7b68856bff82bbb85403

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Jun 2018 15:42:15 GMT
server: nginx/1.12.2
etag: "5b16af57-39d6a"
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 236906
expires: Sun, 13 Dec 2020 13:39:19 GMT

GET
H/1.1 200
OK produkty-s-otricatelnoj-kalorijnostyu-672x372.jpg
freshnovosti.com/wp-content/uploads/2020/05/ 50 KB
51 KB 65ms
62ms Image
image/jpeg 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://freshnovosti.com/wp-content/uploads/2020/05/produkty-s-otricatelnoj-kalorijnostyu-672x372.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: 0f3e2f0b3280bb31593f08bb7df0f0d0340a957c6a3c5d1e050ac15a01e82116

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Mon, 04 May 2020 18:30:14 GMT
Server: nginx/1.16.1
ETag: "5eb05f36-c9a8"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51624

GET
H2 200 1521869380192583091-018871-PAHYjNU6-1024x576.jpg
narodna-pravda.ua/wp-content/uploads/2019/07/ 76 KB
76 KB 64ms
43ms Image
image/jpeg 2606:4700:3031::681b:a502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://narodna-pravda.ua/wp-content/uploads/2019/07/1521869380192583091-018871-PAHYjNU6-1024x576.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a502 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb87220d1011be11f728d98f3d466af61225b6f68d035a3ac3d4f72a7e750bbb

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 77423
cf-request-id: 06636e08c5000064bbb4804000000001
last-modified: Fri, 26 Jul 2019 10:26:56 GMT
server: cloudflare
etag: "5d3ad570-12e6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FJ35258JIysn0%2Fa1QlFr1aYNGdXp90B35I1Jyt%2FtnZebBUYZkwjjXO%2F6o1zM1cVXDyd5aCAmK4RBaAPTu93%2FZkJuu8MTI%2F4j01wnPiFVItgGGvtf78fqHGT2%2BWqf2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5f18e5ee09e364bb-FRA

GET
H2 200 1000_545_1587553528-9100.jpg
images.unian.net/photos/2020_04/thumb_files/ 39 KB
39 KB 208ms
92ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.unian.net/photos/2020_04/thumb_files/1000_545_1587553528-9100.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.137.240.21 Kyiv, Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f53dac4fbfc5ab35b60754c232a3c9af468201d3a1a7e351aa21e3cbd3f75950

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
last-modified: Wed, 22 Apr 2020 11:05:32 GMT
server: nginx
etag: "108dac7acae6b5a712c0cd473d1ef540"
content-type: image/jpeg
status: 200
cache-control: max-age=1209600
content-length: 39736
accept-ranges: bytes
x-1p1-cdn: BYPASS; Fri, 13 Nov 2020 13:39:19 GMT
expires: Fri, 27 Nov 2020 13:39:19 GMT

GET
H/1.1 200
OK bigstock-School_6666-600x400.jpg
freshnovosti.com/wp-content/uploads/2018/05/ 37 KB
37 KB 65ms
62ms Image
image/jpeg 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://freshnovosti.com/wp-content/uploads/2018/05/bigstock-School_6666-600x400.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: 69923d7282195ef46a7389deaeaacad9338cdd5051e7948171e9615b0464a10c

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Wed, 23 May 2018 16:26:23 GMT
Server: nginx/1.16.1
ETag: "5b05962f-92b2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37554

GET
H/1.1 200
OK 16207.jpg
site.igis.ru/blog/logo/ 38 KB
38 KB 764ms
92ms Image
image/jpeg 92.61.19.234
IZHNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.igis.ru/blog/logo/16207.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.19.234 , Russian Federation, ASN35558 (IZHNET-AS, RU),
Reverse DNS
Software: Apache /
Resource Hash: 3484a6e0982a8819540a85a99a67da699f9dc62dc6f7e5cf012d0ec8fb26a480

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:30 GMT
Last-Modified: Fri, 06 Nov 2020 05:37:09 GMT
Server: Apache
ETag: "9753-5b3699a93778d"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 38739

GET
H/1.1 200
OK wXvNUMOoQo.jpeg
gerchikco.com/uploads/blog/ 41 KB
41 KB 120ms
38ms Image
image/jpeg 5.39.69.152
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gerchikco.com/uploads/blog/wXvNUMOoQo.jpeg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.39.69.152 , France, ASN16276 (OVH, FR),
Reverse DNS: www2.gerchikco.com
Software: Apache /
Resource Hash: 27a0cd0d06d62b6a9efe9c5a940112fa41afdb5041ac6db8447512fb02f4364c

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Sat, 02 Nov 2019 08:18:41 GMT
Server: Apache
ETag: "a234-59658baf2839c"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 41524
Expires: Sun, 13 Dec 2020 13:39:19 GMT

GET
H2 200 538_17.jpg
hotel-a.ru/800/600/https/bouw.ru/userfiles/ 90 KB
91 KB 499ms
453ms Image
image/jpeg 2606:4700:3033::681f:5d84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hotel-a.ru/800/600/https/bouw.ru/userfiles/538_17.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8dee6253138446dc50e718607e85c83672eaee04551d752b573335c71736db5

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 92432
cf-request-id: 06636e09210000c2bd3c87b000000001
last-modified: Wed, 19 Apr 2017 14:47:25 GMT
server: cloudflare
etag: "58f7787d-16910"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vdm%2FXSGKeUt7hngsrNTP6pMl7BtPAJDBa6spOiJ5ZMIY8zEQZc8DnVcIYKS4q45o9mG57dLoazjwGtNhFZZ5fk2YK0bUDiqvkgLvO%2FjCZkO9o3JflO31"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f18e5ee9a45c2bd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK matovyy-natyazhnoy-potolok-v-klassicheskom-stile.jpg
www.dizainvfoto.ru/wp-content/uploads/2017/12/ 250 KB
251 KB 118ms
50ms Image
image/jpeg 185.17.120.134
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dizainvfoto.ru/wp-content/uploads/2017/12/matovyy-natyazhnoy-potolok-v-klassicheskom-stile.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.17.120.134 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: dizainvfoto.ru
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3db686199b79831589e4b144ce89ebf46bbb0ce10ff0b0a9d6c689acf86255dc

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Tue, 26 Nov 2019 13:53:00 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ddd2e3c-3e9ce"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 256462
Expires: Fri, 27 Nov 2020 13:39:19 GMT

GET
H2 200 potolki_kvartira.jpg
www.domashniy-uyut.net/files/142/586/ 84 KB
84 KB 245ms
112ms Image
image/jpeg 77.222.57.181
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.domashniy-uyut.net/files/142/586/potolki_kvartira.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.222.57.181 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: c09b68e5c585f0cd422a383723f4639ef37c592ec09fff4f82e0d330ad6305c7

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
last-modified: Thu, 31 Mar 2016 16:03:46 GMT
server: nginx/1.19.1
etag: "168201a-15077-52f5a683ddc80"
content-type: image/jpeg
status: 200
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 86135
expires: Sun, 13 Dec 2020 13:39:19 GMT

GET
H/1.1 200
OK %D1%82%D0%B5%D1%80%D0%BC%D0%BE%D1%81%D1%82%D0%B0%D1%82.jpg
freshnovosti.com/wp-content/uploads/2019/08/ 36 KB
37 KB 37ms
37ms Image
image/jpeg 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://freshnovosti.com/wp-content/uploads/2019/08/%D1%82%D0%B5%D1%80%D0%BC%D0%BE%D1%81%D1%82%D0%B0%D1%82.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: 42fa7dbaad87ee0d0cdc8ea1ebff43b048b435ffb0b41b2f788f67267a47b598

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Mon, 05 Aug 2019 20:35:43 GMT
Server: nginx/1.16.1
ETag: "5d48931f-91ef"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37359

GET
H2 200 foto-obogrevatel-venecia-2-750x400.jpg
balkon4life.ru/wp-content/uploads/2019/05/ 39 KB
40 KB 196ms
64ms Image
image/jpeg 87.236.16.36
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balkon4life.ru/wp-content/uploads/2019/05/foto-obogrevatel-venecia-2-750x400.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.36 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.liberty.beget.com
Software: nginx-reuseport/1.13.4 /
Resource Hash: d5602ff08fa6711bf62e8b1318cae633afd85c94d5cea8151c8f43eb10e6a108

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
last-modified: Mon, 14 Sep 2020 19:08:04 GMT
server: nginx-reuseport/1.13.4
etag: "5f5fbf94-9dd5"
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 40405
expires: Sun, 13 Dec 2020 13:39:19 GMT

GET
H2 200 keo1.jpg
otoplenie-expert.com/wp-content/uploads/2016/11/ 31 KB
31 KB 90ms
28ms Image
image/jpeg 207.180.255.39
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otoplenie-expert.com/wp-content/uploads/2016/11/keo1.jpg

Requested by

Host: freshnovosti.com
URL: http://freshnovosti.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

207.180.255.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

m11639.contaboserver.net

Software

nginx /

Resource Hash

f0a45282beab75c4b870891500d9a3aadd7f51a571b1d87c07689cdf7cd898c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
last-modified: Thu, 25 Oct 2018 02:23:26 GMT
server: nginx
etag: "5bd1291e-7a5e"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 31326
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK d30a3e002a91192be688435d84fc24b5-672x372.jpeg
freshnovosti.com/wp-content/uploads/2019/09/ 50 KB
51 KB 38ms
38ms Image
image/jpeg 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://freshnovosti.com/wp-content/uploads/2019/09/d30a3e002a91192be688435d84fc24b5-672x372.jpeg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: 8d9a6bccf9e6e9a5477b4b96b52bb0c7b7f3dc612342f61b2e8223fefd7077b1

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Thu, 19 Sep 2019 07:55:40 GMT
Server: nginx/1.16.1
ETag: "5d83347c-c98d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51597

GET
H2 200 kursy-rieltorov.jpg
mainseller.ru/wp-content/uploads/ 152 KB
152 KB 148ms
64ms Image
image/jpeg 2a0a:2b43:69:6a06::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mainseller.ru/wp-content/uploads/kursy-rieltorov.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:2b43:69:6a06:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 6f31ec2e3f539a50f19a4f4eef81ea4ff4793c864c32b8574c00ca09b43d6498

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
last-modified: Fri, 25 Sep 2020 08:10:21 GMT
server: openresty
etag: "5f6da5ed-25f11"
content-type: image/jpeg
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 155409
expires: Fri, 20 Nov 2020 13:39:19 GMT

GET
H2 200 c4.jpg
www.russsteuer.de/assets/templates/clever/img/bg-img/ 261 KB
261 KB 271ms
188ms Image
image/jpeg 82.165.249.200
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.russsteuer.de/assets/templates/clever/img/bg-img/c4.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 82.165.249.200 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: dad39c7b9f13887fda4bc4ce91a9e69b5c89470f11548c7af891c9108980689e

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
last-modified: Wed, 29 Apr 2020 16:43:50 GMT
server: nginx
x-powered-by: PleskLin
etag: "5ea9aec6-413cc"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 267212

GET
H2 200 %D0%91%D0%B5%D0%B7-%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F-4.png
eurosiz.ua/wp-content/uploads/2020/10/ 44 KB
45 KB 350ms
141ms Image
image/png 31.131.21.126
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eurosiz.ua/wp-content/uploads/2020/10/%D0%91%D0%B5%D0%B7-%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F-4.png
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.131.21.126 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 126.21.131.31.eushared06.twinservers.net
Software: LiteSpeed /
Resource Hash: b5bd7203f03ee81230ebd2bacc92435921a92e77dbd95179609be2c96a9648d0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
last-modified: Mon, 12 Oct 2020 16:42:51 GMT
server: LiteSpeed
content-type: image/png
status: 200
cache-control: public, max-age=31557600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 45378
expires: Sat, 13 Nov 2021 19:39:19 GMT

GET
H2 200 _0vAqK_jJCE.jpg
sun1-25.userapi.com/j_ISuwkrN3SzHvtOUkbJ9Pw5_xknrx3V3RQ0aA/ 102 KB
103 KB 196ms
63ms Image
image/jpeg 95.142.204.171
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sun1-25.userapi.com/j_ISuwkrN3SzHvtOUkbJ9Pw5_xknrx3V3RQ0aA/_0vAqK_jJCE.jpg

Requested by

Host: freshnovosti.com
URL: http://freshnovosti.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.204.171 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv171-204.vkontakte.ru

Software

nginx/1.18.0 /

Resource Hash

752cf1aec9538b5d0214f171b84b6919b0ae530ab7531233a16d87b4fa4a4eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
x-frontend: front1-25
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx/1.18.0
status: 200
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Frontend
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 104703
expires: Sun, 13 Dec 2020 13:39:19 GMT

GET
H2 200 de9178ad1c8afc62aa4b167fb93cb6b2.jpg
bravo-sp.com.ua/upload/iblock/de9/ 88 KB
88 KB 206ms
58ms Image
image/jpeg 91.239.235.252
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bravo-sp.com.ua/upload/iblock/de9/de9178ad1c8afc62aa4b167fb93cb6b2.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.239.235.252 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: guru-ua1.hostsila.org
Software: LiteSpeed /
Resource Hash: fdcf913e6de7dc6fb1c2f392e17a0774849151bf8f4d48beccacf647100b738e

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
last-modified: Thu, 11 Jun 2020 14:03:57 GMT
server: LiteSpeed
content-type: image/jpeg
status: 200
cache-control: public, max-age=259200
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-22=":443"; ma=2592000
content-length: 89721
expires: Mon, 16 Nov 2020 13:39:19 GMT

GET
H2 200 63b6f36176ca7ffbec191c2a5206a225.jpg
bravo-sp.com.ua/upload/iblock/63b/ 42 KB
42 KB 289ms
171ms Image
image/jpeg 91.239.235.252
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bravo-sp.com.ua/upload/iblock/63b/63b6f36176ca7ffbec191c2a5206a225.jpg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.239.235.252 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: guru-ua1.hostsila.org
Software: LiteSpeed /
Resource Hash: d63563c32227a0a3d8ebc201e5f6513c18668e370eaace3b326ad602e34b3a4f

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
last-modified: Thu, 11 Jun 2020 14:12:01 GMT
server: LiteSpeed
content-type: image/jpeg
status: 200
cache-control: public, max-age=259200
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-22=":443"; ma=2592000
content-length: 42820
expires: Mon, 16 Nov 2020 13:39:19 GMT

GET
H/1.1 200
OK pattern-light.svg
freshnovosti.com/wp-content/themes/twentyfourteen/images/ 540 B
782 B 35ms
34ms Image
image/svg+xml 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://freshnovosti.com/wp-content/themes/twentyfourteen/images/pattern-light.svg
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/wp-content/themes/twentyfourteen/style.css?ver=5.4.1
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: 93b5a10cc952e6cf5e162e462598d14898ca5e00a3f450e9afaae97d0ede2bf3

Request headers

Referer: http://freshnovosti.com/wp-content/themes/twentyfourteen/style.css?ver=5.4.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Thu, 18 Aug 2016 19:28:08 GMT
Server: nginx/1.16.1
ETag: "57b60c48-21c"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 540

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 55ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://freshnovosti.com
Referer: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 23:28:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 483072
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Sun, 07 Nov 2021 23:28:07 GMT

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27bd6083d5c3afcc96234c072ec945eec094d854f88572071e928d552d0af2a0

Request headers

Origin: http://freshnovosti.com
Referer: http://freshnovosti.com/wp-content/themes/twentyfourteen/genericons/genericons.css?ver=3.0.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 52ms
12ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://freshnovosti.com
Referer: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 09:05:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 448432
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Mon, 08 Nov 2021 09:05:27 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 49ms
11ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://freshnovosti.com
Referer: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 09:05:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 448426
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Mon, 08 Nov 2021 09:05:33 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 13 KB
14 KB 43ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://freshnovosti.com
Referer: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 02:44:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
age: 39274
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Sat, 13 Nov 2021 02:44:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 47ms
27ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: freshnovosti.com
URL: http://freshnovosti.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af37fe3ad7a203af217db65b76b7c0931626f71e1c3a7b7163b447fdc5e4dc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45475
x-xss-protection: 0
server: cafe
etag: 12302490219791743052
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Nov 2020 13:39:19 GMT

GET
H/1.1 200
OK loader.gif
freshnovosti.com/wp-content/plugins/facebook-pagelike-widget/ 8 KB
8 KB 37ms
37ms Image
image/gif 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://freshnovosti.com/wp-content/plugins/facebook-pagelike-widget/loader.gif
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: dede012563c945321fbe3952281658f48ee6bda0531c3301bc82e28efc01421f

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Fri, 18 Oct 2019 10:36:53 GMT
Server: nginx/1.16.1
ETag: "5da995c5-202e"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8238

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/ 231 KB
87 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97cace8f7fa9112f2a5e3a3ac34e7b07c429db92b765072816136b7c99aeae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88641
x-xss-protection: 0
server: cafe
etag: 13763883164775661416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Nov 2020 13:39:19 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201111/r20190131/ Frame FA33 0
0 6ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201111/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://freshnovosti.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://freshnovosti.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 12 Nov 2020 19:55:02 GMT
expires: Thu, 26 Nov 2020 19:55:02 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 63857
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK switch.png
freshnovosti.com/wp-content/plugins/wp-mobile-edition/assets/images/ 1 KB
2 KB 36ms
35ms Image
image/png 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://freshnovosti.com/wp-content/plugins/wp-mobile-edition/assets/images/switch.png
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: de07962c3db454eff893f564b561917d5df4f5ca9b79411e1ba4b7c45b5f796f

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Fri, 18 Oct 2019 10:37:05 GMT
Server: nginx/1.16.1
ETag: "5da995d1-592"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1426

GET
H/1.1 200
OK functions.js Show response
freshnovosti.com/wp-content/themes/twentyfourteen/js/ 6 KB
6 KB 37ms
35ms Script
application/javascript 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://freshnovosti.com/wp-content/themes/twentyfourteen/js/functions.js?ver=20150315
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: 5c95e51b1dba3984f2d486541f3447c69d274128df79a235c72d7dc0710437b9

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Thu, 18 Aug 2016 19:28:08 GMT
Server: nginx/1.16.1
ETag: "57b60c48-179a"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6042

GET
H/1.1 200
OK wp-embed.min.js Show response
freshnovosti.com/wp-includes/js/ 1 KB
2 KB 39ms
38ms Script
application/javascript 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://freshnovosti.com/wp-includes/js/wp-embed.min.js?ver=5.4.1
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Sat, 26 Oct 2019 00:17:07 GMT
Server: nginx/1.16.1
ETag: "5db39083-59a"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1434

GET
H/1.1 200
OK fb.js Show response
freshnovosti.com/wp-content/plugins/facebook-pagelike-widget/ 651 B
902 B 36ms
36ms Script
application/javascript 185.14.29.4
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://freshnovosti.com/wp-content/plugins/facebook-pagelike-widget/fb.js?ver=1.0
Requested by: Host: freshnovosti.com
URL: http://freshnovosti.com/
Protocol: HTTP/1.1
Server: 185.14.29.4 , Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: 68067-36317.hyperdomen.com
Software: nginx/1.16.1 /
Resource Hash: 544176bafee5678e0476285fd3aa964b9acc65155ca7d72214afc1e96e921d5a

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 13:39:19 GMT
Last-Modified: Fri, 18 Oct 2019 10:36:53 GMT
Server: nginx/1.16.1
ETag: "5da995c5-28b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 651

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 368 KB
94 KB 134ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: freshnovosti.com
URL: http://freshnovosti.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

97863c262254c3df6ff2e518ad72050dbf63ad92fb0e498914a8c5424aeef893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:20 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 08:20:59 GMT
status: 200
etag: "5f993b61-17714"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 96020
expires: Fri, 13 Nov 2020 14:39:20 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
642 B 99ms
33ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=freshnovosti.com&callback=_gfp_s_&client=ca-pub-3806721633471347

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

32e117dc627ce201da77dd8c6f3df474acba2225f4596ea7163ed553874ea980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Nov 2020 13:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 35ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=freshnovosti.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Nov 2020 13:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 36ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=freshnovosti.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Nov 2020 13:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame FB7C 0
0 228ms
228ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3806721633471347&output=html&h=250&slotname=3899499174&adk=398568833&adf=626024076&pi=t.ma~as.3899499174&w=306&fwrn=4&fwrnh=100&lmt=1605274759&rafmt=1&psa=0&format=306x250&url=http%3A%2F%2Ffreshnovosti.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605274759827&bpp=14&bdt=675&idt=95&shv=r20201111&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4874509021508&frm=20&pv=2&ga_vid=1843935836.1605274760&ga_sid=1605274760&ga_hid=365944268&ga_fc=0&iag=0&icsg=12577471&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=924&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067981&oid=3&pvsid=3659319237673190&pem=25&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rwbnPjslw0&p=http%3A//freshnovosti.com&dtd=116

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3806721633471347&output=html&h=250&slotname=3899499174&adk=398568833&adf=626024076&pi=t.ma~as.3899499174&w=306&fwrn=4&fwrnh=100&lmt=1605274759&rafmt=1&psa=0&format=306x250&url=http%3A%2F%2Ffreshnovosti.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605274759827&bpp=14&bdt=675&idt=95&shv=r20201111&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4874509021508&frm=20&pv=2&ga_vid=1843935836.1605274760&ga_sid=1605274760&ga_hid=365944268&ga_fc=0&iag=0&icsg=12577471&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=924&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067981&oid=3&pvsid=3659319237673190&pem=25&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rwbnPjslw0&p=http%3A//freshnovosti.com&dtd=116
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://freshnovosti.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://freshnovosti.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Nov 2020 13:39:20 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 13-Nov-2020 13:54:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Nov 2020 13:39:20 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e28099ec8875ba272b12bb0fb2a7269c2e0ac46d1761ee6ff4f069a59fd4e39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605098045670130"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28195
x-xss-protection: 0
expires: Fri, 13 Nov 2020 13:39:19 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7630 0
0 527ms
526ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3806721633471347&output=html&h=1052&slotname=5021009151&adk=3141642219&adf=3755357336&pi=t.ma~as.5021009151&w=306&cr_col=1&cr_row=13&fwrn=2&lmt=1605274759&rafmt=9&psa=0&format=306x1052&url=http%3A%2F%2Ffreshnovosti.com%2F&flash=0&crui=image_sidebyside&fwr=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605274759841&bpp=4&bdt=690&idt=112&shv=r20201111&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=306x250&correlator=4874509021508&frm=20&pv=1&ga_vid=1843935836.1605274760&ga_sid=1605274760&ga_hid=365944268&ga_fc=0&iag=0&icsg=549448383&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=924&ady=1207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067981&oid=3&pvsid=3659319237673190&pem=25&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CDzZ1MidPd&p=http%3A//freshnovosti.com&dtd=115

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3806721633471347&output=html&h=1052&slotname=5021009151&adk=3141642219&adf=3755357336&pi=t.ma~as.5021009151&w=306&cr_col=1&cr_row=13&fwrn=2&lmt=1605274759&rafmt=9&psa=0&format=306x1052&url=http%3A%2F%2Ffreshnovosti.com%2F&flash=0&crui=image_sidebyside&fwr=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605274759841&bpp=4&bdt=690&idt=112&shv=r20201111&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=306x250&correlator=4874509021508&frm=20&pv=1&ga_vid=1843935836.1605274760&ga_sid=1605274760&ga_hid=365944268&ga_fc=0&iag=0&icsg=549448383&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=924&ady=1207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067981&oid=3&pvsid=3659319237673190&pem=25&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CDzZ1MidPd&p=http%3A//freshnovosti.com&dtd=115
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://freshnovosti.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://freshnovosti.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Nov 2020 13:39:20 GMT
server: cafe
content-length: 26721
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 13-Nov-2020 13:54:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Nov 2020 13:39:20 GMT
cache-control: private

GET
H2

200

sdk.js Show response
connect.facebook.net/ru_RU/
Redirect Chain

http://connect.facebook.net/ru_RU/sdk.js
https://connect.facebook.net/ru_RU/sdk.js

3 KB
2 KB

19ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: freshnovosti.com
URL: http://freshnovosti.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eb10770eb7864a39fa7018623e0290fd823a49f89cb3d4f3683769329f4f1ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: HX2SULxFU57oLm5FtmlPRg==
status: 200
cross-origin-resource-policy: cross-origin
expires: Fri, 13 Nov 2020 13:40:58 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
etag: "718ada9535dbac02d2b4c24725aea1c8"
x-fb-debug: tACsBlsmkn/V8jDrrpMcEDlXAdzl0u/pKl6PhUeu9PvBWNXp+V7lUMPZ44FuEVSM9pXNKkc+d03X99hEumER9Q==
x-fb-trip-id: 664085054
x-fb-content-md5: ff8cc8615ff90bff19e97e2e2dccff82
date: Fri, 13 Nov 2020 13:39:20 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/ru_RU/sdk.js#xfbml=1&version=v2.4&appId=503595753002055
Non-Authoritative-Reason: HSTS

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 20ms
15ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Ffreshnovosti.com%2F&tn=HEADER&id=masthead&cls=site-header&ign=false

Requested by

Host: freshnovosti.com
URL: http://freshnovosti.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Nov 2020 13:39:19 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 26FB 0
0 390ms
390ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3806721633471347&output=html&adk=1812271804&adf=3025194257&lmt=1605274759&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Ffreshnovosti.com%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605274759971&bpp=1&bdt=820&idt=1&shv=r20201111&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=306x250%2C306x1052&nras=1&correlator=4874509021508&frm=20&pv=1&ga_vid=1843935836.1605274760&ga_sid=1605274760&ga_hid=365944268&ga_fc=0&iag=0&icsg=549448383&dssz=23&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067981&oid=3&pvsid=3659319237673190&pem=25&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3806721633471347&output=html&adk=1812271804&adf=3025194257&lmt=1605274759&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Ffreshnovosti.com%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605274759971&bpp=1&bdt=820&idt=1&shv=r20201111&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=306x250%2C306x1052&nras=1&correlator=4874509021508&frm=20&pv=1&ga_vid=1843935836.1605274760&ga_sid=1605274760&ga_hid=365944268&ga_fc=0&iag=0&icsg=549448383&dssz=23&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067981&oid=3&pvsid=3659319237673190&pem=25&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://freshnovosti.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://freshnovosti.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Nov 2020 13:39:20 GMT
server: cafe
content-length: 38765
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 13-Nov-2020 13:54:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Nov 2020 13:39:20 GMT
cache-control: private

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 195 KB
59 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=8e33c80660e963091277501c17bc1f21&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82801bbef77c87367598498be125d4e87a31dbf550d0eaccb165e588c6eb2a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://freshnovosti.com
Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fSGhKqGedlWYZIevgmFbJA==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60147
etag: "b65d1f80e8470d6c2bf7a796030410e9"
x-fb-debug: /ghBSj6vT2uEY9qUWVvSZ37wYp+Y0qxgGkTQgY+n2Jud05X7r8f7wcQLIPPloxRDSrs1xHrUIfONCO4gvy6Yow==
x-fb-trip-id: 664085054
x-fb-content-md5: 1c4ee5e3c99c7f45a1744a8c2df31931
x-frame-options: DENY
date: Fri, 13 Nov 2020 13:39:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sat, 13 Nov 2021 12:30:49 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9091.uU2Gn-YWcWCn2Y0yt1aAVDCq4XEVElcleU8cnhQqCZgmfS7t8Cboyk3bTjGOCzIT.mke7zGgXYh65Zw1ivNMq1UA9Hy4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9091.Sb1Xzlu4F0ojWuBsq07UsNjzF9Tj0Fu0pK_YLj71vm2vUNmFju0VnWvSCVg4p2CpFydGctva3St4t7Km0tG9OA%2C%2C.r-J2RwwpEBkVs68pA4Vsn5oqsw0%2C

75 B
75 B

48ms
48ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9091.Sb1Xzlu4F0ojWuBsq07UsNjzF9Tj0Fu0pK_YLj71vm2vUNmFju0VnWvSCVg4p2CpFydGctva3St4t7Km0tG9OA%2C%2C.r-J2RwwpEBkVs68pA4Vsn5oqsw0%2C

Requested by

Host: freshnovosti.com
URL: http://freshnovosti.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 400
date: Fri, 13 Nov 2020 13:39:20 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

status: 302
date: Fri, 13 Nov 2020 13:39:20 GMT
strict-transport-security: max-age=31536000
location: https://mc.yandex.com/sync_cookie_image_decide?token=9091.Sb1Xzlu4F0ojWuBsq07UsNjzF9Tj0Fu0pK_YLj71vm2vUNmFju0VnWvSCVg4p2CpFydGctva3St4t7Km0tG9OA%2C%2C.r-J2RwwpEBkVs68pA4Vsn5oqsw0%2C
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 48ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: freshnovosti.com
URL: http://freshnovosti.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:20 GMT
last-modified: Thu, 12 Nov 2020 16:37:25 GMT
status: 200
etag: "5fad63f9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 13 Nov 2020 14:39:20 GMT

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/ 144 KB
52 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63a98bba2dba70adcbcb8955b3c8a1f41eb256ae1d4246656c3e8ce0e2ce338e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52980
x-xss-protection: 0
server: cafe
etag: 7094562571881906495
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Nov 2020 13:39:20 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/43988644/
Redirect Chain

https://mc.yandex.ru/watch/43988644?wmode=7&page-url=http%3A%2F%2Ffreshnovosti.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605274758274%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3...
https://mc.yandex.ru/watch/43988644/1?wmode=7&page-url=http%3A%2F%2Ffreshnovosti.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605274758274%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr...

186 B
326 B

46ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/43988644/1?wmode=7&page-url=http%3A%2F%2Ffreshnovosti.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605274758274%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201113143920%3Aet%3A1605274760%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1063129464705%3Arqn%3A1%3Arn%3A736599539%3Ahid%3A732346730%3Ads%3A16%2C17%2C840%2C692%2C0%2C0%2C0%2C807%2C22%2C%2C%2C%2C1684%3Afp%3A1199%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605274760%3Au%3A1605274760318842118%3App%3A3629563401%3At%3A%D0%A1%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20-%20%D0%A1%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BF%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%88%D0%BE%D1%83%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%D0%B0%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0%2C%20%D0%B0%D0%B2%D1%82%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D1%84%D1%80%D0%B5%D1%88%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8

Requested by

Host: freshnovosti.com
URL: http://freshnovosti.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b80c9624e13a4095e09138dc591b04b21f32973c732c48bbcb7b821631dc8a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 13:39:20 GMT
x-content-type-options: nosniff
last-modified: Fri, 13-Nov-2020 13:39:20 GMT
status: 200
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://freshnovosti.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Fri, 13-Nov-2020 13:39:20 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Nov 2020 13:39:20 GMT
last-modified: Fri, 13-Nov-2020 13:39:20 GMT
status: 302
location: /watch/43988644/1?wmode=7&page-url=http%3A%2F%2Ffreshnovosti.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605274758274%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201113143920%3Aet%3A1605274760%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1063129464705%3Arqn%3A1%3Arn%3A736599539%3Ahid%3A732346730%3Ads%3A16%2C17%2C840%2C692%2C0%2C0%2C0%2C807%2C22%2C%2C%2C%2C1684%3Afp%3A1199%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605274760%3Au%3A1605274760318842118%3App%3A3629563401%3At%3A%D0%A1%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20-%20%D0%A1%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BF%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%88%D0%BE%D1%83%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%D0%B0%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0%2C%20%D0%B0%D0%B2%D1%82%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D1%84%D1%80%D0%B5%D1%88%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8
access-control-allow-origin: http://freshnovosti.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 13-Nov-2020 13:39:20 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201111/r20190131/ Frame 5F87 0
0 7ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201111/r20190131/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201111/r20190131/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://freshnovosti.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://freshnovosti.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 12 Nov 2020 20:22:39 GMT
expires: Thu, 26 Nov 2020 20:22:39 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 62201
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
32ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201111&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a6b919f138353dc88d0d3d6961aafbde153831e221e20917f698457d0b94d2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Nov 2020 13:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6329
x-xss-protection: 0

GET
H2 200 page.php
www.facebook.com/v2.4/plugins/ Frame 900D 0
0 108ms
94ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=false&app_id=503595753002055&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df160ebc05878e24%26domain%3Dfreshnovosti.com%26origin%3Dhttp%253A%252F%252Ffreshnovosti.com%252Ff1560f11ab3f74c%26relation%3Dparent.parent&container_width=306&height=600&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%25A4%25D1%2580%25D0%25B5%25D1%2588-%25D0%259D%25D0%25BE%25D0%25B2%25D0%25BE%25D1%2581%25D1%2582%25D0%25B8%2F1681850518703308&locale=ru_RU&sdk=joey&show_facepile=false&show_posts=false&small_header=false&tabs=&width=300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=8e33c80660e963091277501c17bc1f21&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.4/plugins/page.php?adapt_container_width=false&app_id=503595753002055&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df160ebc05878e24%26domain%3Dfreshnovosti.com%26origin%3Dhttp%253A%252F%252Ffreshnovosti.com%252Ff1560f11ab3f74c%26relation%3Dparent.parent&container_width=306&height=600&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%25A4%25D1%2580%25D0%25B5%25D1%2588-%25D0%259D%25D0%25BE%25D0%25B2%25D0%25BE%25D1%2581%25D1%2582%25D0%25B8%2F1681850518703308&locale=ru_RU&sdk=joey&show_facepile=false&show_posts=false&small_header=false&tabs=&width=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://freshnovosti.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://freshnovosti.com/

Response headers

status: 200
vary: Accept-Encoding
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v3.2
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: AUsmHdLxPsGeG99xID1jwB2TmkmgjrP44vNnx1B3odHPKPu+uNrM5AaPmwh+EHHBA9YKnXhnds8R46FhyHuyOA==
date: Fri, 13 Nov 2020 13:39:20 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201111/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 13 Nov 2020 13:39:20 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame EA24 0
0 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://freshnovosti.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://freshnovosti.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 13 Nov 2020 13:15:48 GMT
expires: Sat, 13 Nov 2021 13:15:48 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1412
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
243 B 18ms
18ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201111&jk=3659319237673190&bg=!FxSlFDTNAAUoamvQKFhJ3un8GleGpQIAAACgUgAAABJoAQcKAfpmND5K2_PHtdgoxO0ogeX9yYdhmYr87kAe1Lx2CZziV0OI1C9xwT_ObniKjEOtw1q6eAHJvUDEaUJ-w1YJVNkFM-A8KFYFrkd5UkbhaROdRnL4Ltt0FjSsA41EQejnqw-6qGcrBzgXI2pOfrQyp1n-p1ws1HEbiYlZoOQmO4s5oDKrOvGkOypVZ2R47z-_jHlnLK85BLNwaJk2JuPv8mQ0lE4gfAbKcxT71lGRixUiybbeL_nI0wpDi_rEttLlA8Thxsq76bPpbl5nZl7WSJFS-ZF0NtZA99Be-qfTDuvpb2-SuJcrN2Zq9-DHEd-Bz9SOvQ-RfHtKAzaFTSB6cwkC-rBRrkPdF7V_eshAMXSr3OJcT_BZKAJEBVdprz2IwrJYpXBbbONnbRsplU7rUQ8krJvh5I620MFc_pDmI6C4W8VGLepiSjyLHJnwcGqpzJL5q_GXG6D3gL-N1hwIBMYeXimXUyzwEabDYtyxOLCwpIWsTcW6yfTUfbRf3tENQAUMLbgTeuK09SojsjYseTlFi1-o2MYIhXNHR7gnkWfHmClU5z08t_vaSOLjFsFlSHqiowxTPQtHtE_LGJbvTWGDcw798WBTfawczh0-cm-xPEqi-JEiR-xVYLahM2e7xZye8d-qB9t-fPh5MHm9X-btl9T0rvxMoTwGgZkBuFWc4Ih7iEQ16oGWnDu5MLDzjce1EMjMCWrlFItiNLtUEYq_UZiryQ0eHLaqwGUdrWrTxEYXC9F5pdDrdxtpYigGek8jgprXS7s_jyFAsowM8ze9saEzfWswavEciCYa3Ylwewdy2d_OqmcZ90Ov9-0py-L06KaphEE0MpY_Ac-nhd-wPNiIvajRfz8GK2VYIfEjnEbWB_XmtbtkUDv90qX5eL9DoCUjy4UmuDR0-odelWmxEW3qjlV3JnhGJaaDCRyq8aSUd0tis352ejVH1lQzv04XYefQDAsNTAc5NuH5cK-TtmHEanpoXZ_-N4RORfGBYmFE2rUGPmyGCH7jjRnU0bJTv8ZYOg0plvk7s3lFvbp8xmqPBsbG2AHEsjoAHwYX9G9CH1DluzR0sSkcFh1tJ_EejDXR3WX6A2xCFHQ-jc5k7fzgOaWnLqtTxzg1F11j2YABJYe1l8d6GLvyftBHz77eADNby1jl5BMYPbTygyF7gnpcAWf2onvN9XhRtl1ka7CQeeukJKgJU2ICIIWn-jg-gcxZGP10Xyq2qaXfv49uDffbrc1QHF8Zj4rrPC7Jx6PGtr-N

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://freshnovosti.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 13:39:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 23:16:10	Name: IDE Value: AHWqTUloYu2ia0YiAP5bvno7mRhJj4FsVhhdJ-f_2-jDIBYUfd_jx8Nr_CyMqkWH
.freshnovosti.com/	1970-01-19 23:16:10	Name: __gads Value: ID=a23c931ab4326fe5-22476a4b6ea600dc:T=1605274760:RT=1605274760:S=ALNI_MYCz46_4WPv3jd0dsmpPMePioiuwQ
.freshnovosti.com/	1970-01-19 22:40:10	Name: _ym_d Value: 1605274760
.freshnovosti.com/	1970-01-19 13:54:36	Name: _ym_visorc_43988644 Value: w
.freshnovosti.com/	1970-01-19 13:55:46	Name: _ym_isad Value: 2
.freshnovosti.com/	1970-01-19 22:40:10	Name: _ym_uid Value: 1605274760318842118

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://freshnovosti.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
balkon4life.ru
bravo-sp.com.ua
connect.facebook.net
dizainmetrov.ru
dizajninterera.org
eurosiz.ua
fonts.googleapis.com
fonts.gstatic.com
freshnovosti.com
gerchikco.com
googleads.g.doubleclick.net
hotel-a.ru
images.unian.net
m.alterainvest.ru
mainseller.ru
mc.yandex.com
mc.yandex.ru
narodna-pravda.ua
otoplenie-expert.com
pagead2.googlesyndication.com
partner.googleadservices.com
site.igis.ru
sun1-25.userapi.com
tpc.googlesyndication.com
www.dizainvfoto.ru
www.domashniy-uyut.net
www.facebook.com
www.googletagservices.com
www.russsteuer.de
172.217.22.66
185.14.29.4
185.17.120.134
195.137.240.21
207.180.255.39
2606:4700:3031::681b:a502
2606:4700:3033::681f:5d84
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:81f::200a
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:f480:1:f::d1
2a0a:2b43:69:6a06::
31.131.21.126
5.39.69.152
77.222.57.181
82.165.249.200
87.236.16.36
91.239.235.252
92.61.19.234
94.250.254.251
95.142.204.171
95.213.245.155
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0f3e2f0b3280bb31593f08bb7df0f0d0340a957c6a3c5d1e050ac15a01e82116
1493de77c3001506971e67e9e687739661ad224bf6e818d4ddc5a9da74f4a692
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
26e26d13245e9db6d553bd19749de761f28dad90dc88a2fd323dc20aa72750df
27a0cd0d06d62b6a9efe9c5a940112fa41afdb5041ac6db8447512fb02f4364c
27bd6083d5c3afcc96234c072ec945eec094d854f88572071e928d552d0af2a0
32e117dc627ce201da77dd8c6f3df474acba2225f4596ea7163ed553874ea980
3484a6e0982a8819540a85a99a67da699f9dc62dc6f7e5cf012d0ec8fb26a480
372daa4adfcf15535b37fa606966029dd02004c82a5725e597e1806abe50efab
3db686199b79831589e4b144ce89ebf46bbb0ce10ff0b0a9d6c689acf86255dc
42c27556e70f050098725b8f09ef40e4cd772cc252e1b4cd3d7bb95a837537be
42fa7dbaad87ee0d0cdc8ea1ebff43b048b435ffb0b41b2f788f67267a47b598
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925
544176bafee5678e0476285fd3aa964b9acc65155ca7d72214afc1e96e921d5a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ae589a0fb0e44940b7c6ca08a26120822de5abb0975eb760dcde34ed9d33f9d
5c95e51b1dba3984f2d486541f3447c69d274128df79a235c72d7dc0710437b9
5e2642ce3f8ade4e0e4282f1adfd054d49742dbc87af7b68856bff82bbb85403
63a98bba2dba70adcbcb8955b3c8a1f41eb256ae1d4246656c3e8ce0e2ce338e
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
69923d7282195ef46a7389deaeaacad9338cdd5051e7948171e9615b0464a10c
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f31ec2e3f539a50f19a4f4eef81ea4ff4793c864c32b8574c00ca09b43d6498
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
752cf1aec9538b5d0214f171b84b6919b0ae530ab7531233a16d87b4fa4a4eba
82801bbef77c87367598498be125d4e87a31dbf550d0eaccb165e588c6eb2a81
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8a6b919f138353dc88d0d3d6961aafbde153831e221e20917f698457d0b94d2f
8d9a6bccf9e6e9a5477b4b96b52bb0c7b7f3dc612342f61b2e8223fefd7077b1
93b5a10cc952e6cf5e162e462598d14898ca5e00a3f450e9afaae97d0ede2bf3
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
97863c262254c3df6ff2e518ad72050dbf63ad92fb0e498914a8c5424aeef893
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a6165c18dd448493d25e472466233f4dff3ade2007712953c5c65676f69a9765
a6eaed06705e9add9fde5b7e790cb437d8952a4e3eb20437e4ecb7d2d45a913c
af37fe3ad7a203af217db65b76b7c0931626f71e1c3a7b7163b447fdc5e4dc4f
b5bd7203f03ee81230ebd2bacc92435921a92e77dbd95179609be2c96a9648d0
b80c9624e13a4095e09138dc591b04b21f32973c732c48bbcb7b821631dc8a37
b8c153cdcfcca149ad2b5071c16066977d6ea4d9afe4978c99857e37142fd7c7
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
c09b68e5c585f0cd422a383723f4639ef37c592ec09fff4f82e0d330ad6305c7
c97cace8f7fa9112f2a5e3a3ac34e7b07c429db92b765072816136b7c99aeae7
cb87220d1011be11f728d98f3d466af61225b6f68d035a3ac3d4f72a7e750bbb
d5602ff08fa6711bf62e8b1318cae633afd85c94d5cea8151c8f43eb10e6a108
d63563c32227a0a3d8ebc201e5f6513c18668e370eaace3b326ad602e34b3a4f
d8dee6253138446dc50e718607e85c83672eaee04551d752b573335c71736db5
dad39c7b9f13887fda4bc4ce91a9e69b5c89470f11548c7af891c9108980689e
de07962c3db454eff893f564b561917d5df4f5ca9b79411e1ba4b7c45b5f796f
dede012563c945321fbe3952281658f48ee6bda0531c3301bc82e28efc01421f
e28099ec8875ba272b12bb0fb2a7269c2e0ac46d1761ee6ff4f069a59fd4e39e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb10770eb7864a39fa7018623e0290fd823a49f89cb3d4f3683769329f4f1ac9
f0a45282beab75c4b870891500d9a3aadd7f51a571b1d87c07689cdf7cd898c5
f53dac4fbfc5ab35b60754c232a3c9af468201d3a1a7e351aa21e3cbd3f75950
fdcf913e6de7dc6fb1c2f392e17a0774849151bf8f4d48beccacf647100b738e

freshnovosti.com Open in urlscan Pro 185.14.29.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

67 Requests

69 %HTTPS

44 %IPv6

30 Domains

31 Subdomains

28 IPs

8 Countries

3208 kBTransfer

3986 kBSize

6 Cookies

13 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

freshnovosti.com Open in urlscan Pro
185.14.29.4 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

69 %
HTTPS

44 %
IPv6

30
Domains

31
Subdomains

28
IPs

8
Countries

3208 kB
Transfer

3986 kB
Size

6
Cookies

67 HTTP transactions
1 data transactions