urlscan.io logo urlscan.io
SecurityTrails logo

www.newsx.icu Open in urlscan Pro
23.105.236.220  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://newsx.icu/
Effective URL: https://www.newsx.icu/
Submission Tags: tranco_l324
Submission: On November 22 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 75 IPs in 10 countries across 68 domains to perform 331 HTTP transactions. The main IP is 23.105.236.220, located in Russian Federation and belongs to SERVERS-COM, US. The main domain is www.newsx.icu.
TLS certificate: Issued by R3 on September 15th 2021. Valid for: 3 months.
This is the only time www.newsx.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 18 23.105.236.220 7979 (SERVERS-COM)
1 95.179.157.240 20473 (AS-CHOOPA)
37 104.18.17.65 13335 (CLOUDFLAR...)
3 2600:9000:205... 16509 (AMAZON-02)
3 95.181.171.233 50214 (QWARTA)
1 192.243.59.12 39572 (ADVANCEDH...)
2 95.131.27.117 49063 (DTLN)
24 146.59.43.196 16276 (OVH)
2 136.243.35.166 24940 (HETZNER-AS)
16 2a00:1450:400... 15169 (GOOGLE)
1 192.0.78.146 2635 (AUTOMATTIC)
5 26 46.4.121.26 24940 (HETZNER-AS)
1 2a0c:5c81:513... 55081 (24SHELLS)
6 2606:4700:303... 13335 (CLOUDFLAR...)
3 10 2a02:6b8::1:119 208722 (YNDX)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3 157.90.6.176 24940 (HETZNER-AS)
1 142.250.186.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
32 95.163.37.253 47764 (MAILRU-AS...)
4 46.161.36.23 49505 (SELECTEL)
3 88.212.234.127 7979 (SERVERS-COM)
5 88.212.252.76 7979 (SERVERS-COM)
1 88.212.234.234 7979 (SERVERS-COM)
2 138.201.55.242 24940 (HETZNER-AS)
1 88.212.234.55 7979 (SERVERS-COM)
1 138.201.71.94 24940 (HETZNER-AS)
1 46.161.36.2 49505 (SELECTEL)
1 2a00:1450:400... 15169 (GOOGLE)
7 10 96.46.186.57 7979 (SERVERS-COM)
4 195.201.243.72 24940 (HETZNER-AS)
2 4 193.232.148.142 48061 (UMA-TECH-AS)
1 2a00:1148:db0... 47764 (MAILRU-AS...)
2 2 195.209.108.47 52007 (ADRIVER-AS)
2 81.222.128.215 20597 (ELTEL-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 194.190.117.94 204600 (REPUBLER-AS)
8 10 31.172.81.172 44066 (DE-FIRSTC...)
1 37.18.103.21 205675 (HYBRID-AS)
2 185.15.175.145 43226 (SAFEDATA ...)
2 138.201.65.74 24940 (HETZNER-AS)
1 1 142.250.184.226 15169 (GOOGLE)
1 1 109.248.237.36 201009 (SUPPORTIT-AS)
1 95.211.66.35 60781 (LEASEWEB-...)
2 3 188.34.131.132 24940 (HETZNER-AS)
3 5 88.99.214.77 24940 (HETZNER-AS)
3 3 35.190.16.14 15169 (GOOGLE)
1 1 80.64.106.148 20764 (RASCOM-AS...)
1 1 5.200.44.34 48096 (ITGRAD)
1 1 37.9.245.57 16345 (BEE-AS Ru...)
1 2 89.108.97.2 197695 (AS-REG)
4 4 217.66.147.169 29209 (SPBMTS-AS...)
2 2 213.87.44.187 13174 (MTSNET Mo...)
2 3 89.108.119.43 197695 (AS-REG)
3 3 148.251.156.238 24940 (HETZNER-AS)
2 5 31.220.27.134 39572 (ADVANCEDH...)
1 1 65.108.1.48 24940 (HETZNER-AS)
2 217.65.2.150 3175 (CITYTELEC...)
1 93.95.102.105 48347 (MTW-AS)
1 4 2a02:6b8::90 208722 (YNDX)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 185.98.54.153 39572 (ADVANCEDH...)
1 159.69.59.100 24940 (HETZNER-AS)
4 77.123.132.26 35680 (VOLIA)
2 77.123.132.42 35680 (VOLIA)
1 193.200.65.5 6681 (GIVEME-CLOUD)
2 3 104.19.136.78 13335 (CLOUDFLAR...)
1 136.243.84.75 24940 (HETZNER-AS)
1 34.120.139.69 15169 (GOOGLE)
1 37.18.16.23 205675 (HYBRID-AS)
20 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
3 6 185.15.175.146 43226 (SAFEDATA ...)
3 2600:9000:205... 16509 (AMAZON-02)
1 1 138.201.139.144 24940 (HETZNER-AS)
1 217.69.133.145 47764 (MAILRU-AS...)
3 4 2a00:1450:400... 15169 (GOOGLE)
1 185.148.37.79 48347 (MTW-AS)
1 1 146.0.227.107 20773 (GODADDY)
1 23.111.109.220 7979 (SERVERS-COM)
7 130.211.115.4 15169 (GOOGLE)
4 104.19.134.80 13335 (CLOUDFLAR...)
331 75
18    23.105.236.220 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: da1.d.fozzy.com
newsx.icu
www.newsx.icu
1    95.179.157.240 (Amsterdam, Netherlands)

ASN20473 (AS-CHOOPA, US)
PTR: neon.today
neon.today
37    104.18.17.65 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
s-img.adskeeper.com
cm.adskeeper.com
3    2600:9000:2057:2800:2:e529:700:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.orquideassp.com
3    95.181.171.233 (Russian Federation)

ASN50214 (QWARTA, RU)
PTR: asrv233.qwarta.ru
cdn-rtb.sape.ru
1    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
feignoccasionedmound.com
2    95.131.27.117 (Russian Federation)

ASN49063 (DTLN, RU)
news.mirtesen.ru
mirtesen.ru
24    146.59.43.196 (France)

ASN16276 (OVH, FR)
PTR: app-hb-pl-01.adpartner.pro
a4p.adpartner.pro
2    136.243.35.166 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.166.35.243.136.clients.your-server.de
ad.a-ads.com
static.a-ads.com
16    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
1    192.0.78.146 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
supertruco.com
26    46.4.121.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info
www.acint.net
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adlane.info
6    2606:4700:3030::6815:526e (United States)

ASN13335 (CLOUDFLARENET, US)
cloudfastads.ru
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
1    2606:4700:20::681a:cae (United States)

ASN13335 (CLOUDFLARENET, US)
socpublic.com
3    157.90.6.176 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1359715.sapientru.net
ssp-rtb.sape.ru
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
13    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
32    95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io
relap.io
4    46.161.36.23 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: sm-server1-1.sselp1.imcmdb.net
stat.media
3    88.212.234.127 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-4.sser4.imcmdb.net
static.olanola.com
static1.olanola.com
5    88.212.252.76 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-4.sser5.imcmdb.net
static3.olanola.com
static8.olanola.com
1    88.212.234.234 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-4.sser2.imcmdb.net
static5.olanola.com
2    138.201.55.242 (Fellbach, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn4-3.sfa65.imcmdb.net
static6.olanola.com
1    88.212.234.55 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-4.sser3.imcmdb.net
static7.olanola.com
1    138.201.71.94 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn4-3.sfa66.imcmdb.net
static4.olanola.com
1    46.161.36.2 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: target2-1.sselp1.imcmdb.net
target.smi2.net
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    195.201.243.72 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info
acint.net
4    193.232.148.142 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp3.sender.ltmse.com
px.adhigh.net
1    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
2    195.209.108.47 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
2    81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru
ssp.adriver.ru
1    2606:4700:3039::6815:c098 (United States)

ASN13335 (CLOUDFLARENET, US)
a.utraff.com
2    194.190.117.94 (Russian Federation)

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru
sync.republer.com
10    31.172.81.172 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
sync3.adsniper.ru
1    37.18.103.21 (Netherlands)

ASN205675 (HYBRID-AS, RU)
dm-eu.hybrid.ai
2    185.15.175.145 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
tag.digitaltarget.ru
2    138.201.65.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.65.201.138.clients.your-server.de
sync.dmp.otm-r.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
1    109.248.237.36 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)
stat.adlabs.ru
1    95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
adlmerge.com
3    188.34.131.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.132.131.34.188.clients.your-server.de
adx.com.ru
5    88.99.214.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-214-77.clients.your-server.de
sync.1dmp.io
3    35.190.16.14 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
1    80.64.106.148 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru
sape-sync.rutarget.ru
1    5.200.44.34 (Russian Federation)

ASN48096 (ITGRAD, RU)
ads.adlook.me
1    37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)
0100007ff8f69a616407aa33022b39d2-sp.ops.beeline.ru
2    89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru
ut.rktch.com
4    217.66.147.169 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-169-147-66-217.spbmts.ru
sm.rtb.mts.ru
2    213.87.44.187 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
3    89.108.119.43 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru
x01.aidata.io
3    148.251.156.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.156.251.148.clients.your-server.de
exchange.buzzoola.com
5    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
uuidksinc.net
1    65.108.1.48 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.1.108.65.clients.your-server.de
ssp.bidvol.com
2    217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)
match.new-programmatic.com
1    93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi4.gnezdo.ru
4    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
an.yandex.ru
2    2606:4700:10::6816:557 (United States)

ASN13335 (CLOUDFLARENET, US)
s3.advarkads.com
2    185.98.54.153 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
hbbond.com
1    159.69.59.100 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.59.69.159.clients.your-server.de
ssp.otm-r.com
4    77.123.132.26 (Simferopol, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 26.132.123.77.colo.static.dcvolia.com
img.adpartner.pro
2    77.123.132.42 (Simferopol, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 42.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
3    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
sync.mgid.com
1    136.243.84.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de
recreativ.ru
1    34.120.139.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.139.120.34.bc.googleusercontent.com
dsp-trk.eskimi.com
1    37.18.16.23 (Netherlands)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
20    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
9    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    185.15.175.146 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
3    2600:9000:2057:4400:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
1    138.201.139.144 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de
cm.p.altergeo.ru
1    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
4    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    185.148.37.79 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi.gnezdo.ru
1    146.0.227.107 (Ascension Island)

ASN20773 (GODADDY, DE)
ads.go2net.com.ua
1    23.111.109.220 (Russian Federation)

ASN7979 (SERVERS-COM, US)
api.advarkads.com
7    130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
4    104.19.134.80 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.adskeeper.co.uk
Apex Domain
Subdomains		 Transfer
37 adskeeper.com
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
s-img.adskeeper.com
cm.adskeeper.com
685 KB
35 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
421 KB
32 relap.io
relap.io
197 KB
30 acint.net
www.acint.net
acint.net
18 KB
30 adpartner.pro
a4p.adpartner.pro
img.adpartner.pro
file.adpartner.pro
197 KB
18 newsx.icu
newsx.icu
www.newsx.icu
432 KB
13 olanola.com
static.olanola.com
static3.olanola.com
static5.olanola.com
static1.olanola.com
static6.olanola.com
static7.olanola.com
static8.olanola.com
static4.olanola.com
207 KB
13 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
105 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
190 KB
10 ad-score.com
js.ad-score.com
data.ad-score.com
117 KB
10 betweendigital.com
ads.betweendigital.com
6 KB
8 digitaltarget.ru
tag.digitaltarget.ru
dmg.digitaltarget.ru
23 KB
7 yandex.com
mc.yandex.com
2 KB
7 yandex.ru
mc.yandex.ru
an.yandex.ru
112 KB
6 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
4 KB
6 google.com
adservice.google.com
www.google.com
2 KB
6 cloudfastads.ru
cloudfastads.ru
101 KB
6 sape.ru
cdn-rtb.sape.ru
ssp-rtb.sape.ru
404 KB
5 googleapis.com
fonts.googleapis.com
4 KB
5 uuidksinc.net
s.uuidksinc.net
uuidksinc.net
3 KB
5 1dmp.io
sync.1dmp.io
2 KB
5 adsniper.ru
sync3.adsniper.ru
3 KB
5 bumlam.com
sync.bumlam.com
3 KB
4 adskeeper.co.uk
cdn.adskeeper.co.uk
6 KB
4 googletagservices.com
www.googletagservices.com
146 KB
4 adriver.ru
ad.adriver.ru
ssp.adriver.ru
2 KB
4 adhigh.net
px.adhigh.net
1 KB
4 stat.media
stat.media
29 KB
3 mgid.com
cm.mgid.com
sync.mgid.com
1 KB
3 advarkads.com
s3.advarkads.com
api.advarkads.com
10 KB
3 buzzoola.com
exchange.buzzoola.com
556 B
3 aidata.io
x01.aidata.io
1 KB
3 weborama.fr
redirect.frontend.weborama.fr
671 B
3 com.ru
adx.com.ru
854 B
3 otm-r.com
sync.dmp.otm-r.com
ssp.otm-r.com
437 B
3 orquideassp.com
tags.orquideassp.com
5 KB
2 hbbond.com
hbbond.com
10 KB
2 gnezdo.ru
fcgi4.gnezdo.ru
fcgi.gnezdo.ru
189 B
2 new-programmatic.com
match.new-programmatic.com
430 B
2 rktch.com
ut.rktch.com
683 B
2 hybrid.ai
dm-eu.hybrid.ai
dm.hybrid.ai
477 B
2 republer.com
sync.republer.com
950 B
2 mail.ru
ad.mail.ru
top-fwz1.mail.ru
2 KB
2 google.de
adservice.google.de
914 B
2 a-ads.com
ad.a-ads.com
static.a-ads.com
109 KB
2 mirtesen.ru
news.mirtesen.ru
mirtesen.ru
5 KB
1 go2net.com.ua
ads.go2net.com.ua
480 B
1 altergeo.ru
cm.p.altergeo.ru
523 B
1 jsdelivr.net
cdn.jsdelivr.net
23 KB
1 cloudflare.com
cdnjs.cloudflare.com
1 KB
1 eskimi.com
dsp-trk.eskimi.com
224 B
1 recreativ.ru
recreativ.ru
110 B
1 trafmag.com
t.trafmag.com
232 B
1 bidvol.com
ssp.bidvol.com
455 B
1 beeline.ru
0100007ff8f69a616407aa33022b39d2-sp.ops.beeline.ru
634 B
1 adlook.me
ads.adlook.me
164 B
1 rutarget.ru
sape-sync.rutarget.ru
416 B
1 adlmerge.com
adlmerge.com
115 B
1 adlabs.ru
stat.adlabs.ru
108 B
1 utraff.com
a.utraff.com
820 B
1 google-analytics.com
www.google-analytics.com
20 KB
1 smi2.net
target.smi2.net
463 B
1 googleadservices.com
partner.googleadservices.com
635 B
1 socpublic.com
socpublic.com
2 KB
1 adlane.info
s.adlane.info
366 B
1 supertruco.com
supertruco.com
792 B
1 feignoccasionedmound.com
feignoccasionedmound.com
1 neon.today
neon.today
730 B
331 68
Domain Requested by
32 relap.io srcdoc
www.acint.net
relap.io
27 s-img.adskeeper.com
26 www.acint.net 5 redirects cdn-rtb.sape.ru
www.newsx.icu
www.acint.net
24 a4p.adpartner.pro www.newsx.icu
a4p.adpartner.pro
20 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
16 www.newsx.icu www.newsx.icu
15 pagead2.googlesyndication.com tags.orquideassp.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 ads.betweendigital.com 7 redirects www.acint.net
cdn-rtb.sape.ru
uuidksinc.net
9 fonts.gstatic.com fonts.googleapis.com
7 data.ad-score.com js.ad-score.com
7 mc.yandex.com 2 redirects www.newsx.icu
mc.yandex.ru
6 dmg.digitaltarget.ru 3 redirects www.acint.net
uuidksinc.net
6 cloudfastads.ru www.newsx.icu
cloudfastads.ru
5 fonts.googleapis.com googleads.g.doubleclick.net
cloudfastads.ru
5 sync.1dmp.io 3 redirects www.acint.net
relap.io
5 sync3.adsniper.ru 5 redirects
5 sync.bumlam.com 3 redirects www.acint.net
4 cdn.adskeeper.co.uk www.newsx.icu
jsc.adskeeper.com
4 www.google.com 3 redirects tpc.googlesyndication.com
4 www.googletagservices.com googleads.g.doubleclick.net
4 img.adpartner.pro www.newsx.icu
4 an.yandex.ru 1 redirects www.acint.net
uuidksinc.net
4 s.uuidksinc.net 2 redirects www.newsx.icu
uuidksinc.net
4 sm.rtb.mts.ru 4 redirects
4 px.adhigh.net 2 redirects www.newsx.icu
4 acint.net www.acint.net
4 stat.media news.mirtesen.ru
stat.media
4 jsc.adskeeper.com www.newsx.icu
jsc.adskeeper.com
3 js.ad-score.com relap.io
js.ad-score.com
3 www.gstatic.com googleads.g.doubleclick.net
3 exchange.buzzoola.com 3 redirects
3 x01.aidata.io 2 redirects www.acint.net
3 redirect.frontend.weborama.fr 3 redirects
3 adx.com.ru 2 redirects www.acint.net
3 static8.olanola.com www.newsx.icu
3 ssp-rtb.sape.ru 1 redirects cdn-rtb.sape.ru
3 mc.yandex.ru 1 redirects www.newsx.icu
cdn-rtb.sape.ru
3 cdn-rtb.sape.ru www.newsx.icu
cdn-rtb.sape.ru
3 tags.orquideassp.com www.newsx.icu
2 cm.adskeeper.com jsc.adskeeper.com
2 servicer.adskeeper.com jsc.adskeeper.com
2 c.adskeeper.com jsc.adskeeper.com
2 cm.mgid.com 2 redirects
2 file.adpartner.pro www.newsx.icu
2 hbbond.com cloudfastads.ru
www.newsx.icu
2 s3.advarkads.com www.acint.net
s3.advarkads.com
2 match.new-programmatic.com www.acint.net
www.newsx.icu
2 tech.rtb.mts.ru 2 redirects
2 ut.rktch.com 1 redirects www.acint.net
2 sync.dmp.otm-r.com www.acint.net
uuidksinc.net
2 tag.digitaltarget.ru www.acint.net
tag.digitaltarget.ru
2 sync.republer.com 2 redirects
2 ssp.adriver.ru www.acint.net
2 ad.adriver.ru 2 redirects
2 static6.olanola.com www.newsx.icu
2 static1.olanola.com www.newsx.icu
2 static3.olanola.com www.newsx.icu
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 newsx.icu 2 redirects
1 api.advarkads.com s3.advarkads.com
1 ads.go2net.com.ua 1 redirects
1 fcgi.gnezdo.ru uuidksinc.net
1 sync.mgid.com uuidksinc.net
1 top-fwz1.mail.ru srcdoc
1 cm.p.altergeo.ru 1 redirects
1 uuidksinc.net hbbond.com
1 mirtesen.ru www.newsx.icu
1 cdn.jsdelivr.net cloudfastads.ru
1 cdnjs.cloudflare.com cloudfastads.ru
1 dm.hybrid.ai www.newsx.icu
1 dsp-trk.eskimi.com www.newsx.icu
1 recreativ.ru www.newsx.icu
1 t.trafmag.com www.newsx.icu
1 ssp.otm-r.com cdn-rtb.sape.ru
1 fcgi4.gnezdo.ru www.acint.net
1 ssp.bidvol.com 1 redirects
1 0100007ff8f69a616407aa33022b39d2-sp.ops.beeline.ru 1 redirects
1 ads.adlook.me 1 redirects
1 sape-sync.rutarget.ru 1 redirects
1 adlmerge.com www.acint.net
1 stat.adlabs.ru 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 dm-eu.hybrid.ai www.acint.net
1 a.utraff.com www.acint.net
1 ad.mail.ru www.acint.net
1 www.google-analytics.com a4p.adpartner.pro
1 target.smi2.net www.newsx.icu
1 static4.olanola.com www.newsx.icu
1 static7.olanola.com www.newsx.icu
1 static5.olanola.com www.newsx.icu
1 static.olanola.com news.mirtesen.ru
1 partner.googleadservices.com pagead2.googlesyndication.com
1 socpublic.com www.newsx.icu
1 s.adlane.info www.newsx.icu
1 static.a-ads.com ad.a-ads.com
1 supertruco.com tags.orquideassp.com
1 ad.a-ads.com www.newsx.icu
1 news.mirtesen.ru www.newsx.icu
1 feignoccasionedmound.com www.newsx.icu
1 neon.today www.newsx.icu
331 102
Subject Issuer Validity Valid
newsx.icu
R3		 2021-09-15 -
2021-12-14		 3 months crt.sh
neon.today
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
tags.orquideassp.com
Amazon		 2021-06-29 -
2022-07-28		 a year crt.sh
*.sape.ru
R3		 2021-10-15 -
2022-01-13		 3 months crt.sh
feignoccasionedmound.com
R3		 2021-10-07 -
2022-01-05		 3 months crt.sh
*.mirtesen.ru
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-02 -
2022-09-22		 a year crt.sh
adpartner.pro
R3		 2021-10-18 -
2022-01-16		 3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2020-12-02 -
2022-01-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tls.automattic.com
R3		 2021-11-05 -
2022-02-03		 3 months crt.sh
*.acint.net
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
s.adlane.info
ZeroSSL ECC Domain Secure Site CA		 2021-10-09 -
2022-01-07		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
relap.io
GeoTrust RSA CA 2018		 2021-08-26 -
2022-09-26		 a year crt.sh
stat.media
R3		 2021-10-08 -
2022-01-06		 3 months crt.sh
*.olanola.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-02 -
2022-09-22		 a year crt.sh
smi2.net
R3		 2021-10-08 -
2022-01-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2021-10-15 -
2022-11-15		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
tag.digitaltarget.ru
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
sync.dmp.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-18 -
2022-06-18		 a year crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
new-programmatic.com
R3		 2021-10-24 -
2022-01-22		 3 months crt.sh
fcgi4.gnezdo.ru
R3		 2021-11-08 -
2022-02-06		 3 months crt.sh
advarkads.com
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
hbbond.com
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
*.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-11 -
2022-06-10		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
uuidksinc.net
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
*.recreativ.ru
Thawte RSA CA 2018		 2021-08-23 -
2022-09-06		 a year crt.sh
*.eskimi.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-04-12 -
2022-05-13		 a year crt.sh
ltmse.com
R3		 2021-10-12 -
2022-01-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
sync.1dmp.io
R3		 2021-10-08 -
2022-01-06		 3 months crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2021-09-02 -
2022-10-04		 a year crt.sh
fcgi5.gnezdo.ru
R3		 2021-11-09 -
2022-02-07		 3 months crt.sh
bs.yandex.ru
Yandex CA		 2021-11-17 -
2022-05-18		 6 months crt.sh
*.advarkads.com
GlobalSign GCC R3 DV TLS CA 2020		 2020-12-03 -
2022-01-04		 a year crt.sh

This page contains 38 frames:

Primary Page: https://www.newsx.icu/
Frame ID: EF520D1084568F3D32E0F52F6B734D6C
Requests: 162 HTTP requests in this frame

Frame: https://ad.a-ads.com/1820946?size=320x50&title_color=120d0d&title_hover_color=171212&link_color=190d0d&link_hover_color=0a0606
Frame ID: C5CC30C45BC98DDE2643A0F7DD0F06C1
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7477&unit_id=7477&shown=&session_pageview=1&session_id=6d5597d3-9c74-4593-877d-6201657b265c&site_visited=1&apuid=d60edd1d-fe32-486e-83a7-1677d1764df6&width=540&screen_width=1600&reload_count=0&banner_num=1637545719975183409&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.newsx.icu%2F
Frame ID: B1287DA4E874E03BB42973F5D5EA874C
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7476&unit_id=7476&shown=&session_pageview=1&session_id=6d5597d3-9c74-4593-877d-6201657b265c&site_visited=1&apuid=d60edd1d-fe32-486e-83a7-1677d1764df6&width=540&screen_width=1600&reload_count=0&banner_num=1637545719976058171&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.newsx.icu%2F
Frame ID: 18142476699C69FD5DBF3B2206F5E2E3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2650045471&adf=18290415&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719969&bpp=13&bdt=530&idt=145&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=4057439318443&frm=20&pv=2&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQg06j2B94&p=https%3A//www.newsx.icu&dtd=164
Frame ID: FD6D2DFB1E52EB1345EB4AB90A589277
Requests: 9 HTTP requests in this frame

Frame: https://relap.io/v7/relap.js
Frame ID: AC2B768DBA30B4F5B6CA9CBCF10A77B6
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2666742100&adf=1421234867&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719990&bpp=4&bdt=551&idt=171&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gp2NgYJCx4&p=https%3A//www.newsx.icu&dtd=174
Frame ID: 717E6EE860D6F4E70299C63EF3CA76DF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu_Footer_728x90&adk=2068224291&adf=4261181915&pi=t.ma~as.www.newsx.icu_Foote_&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720000&bpp=19&bdt=560&idt=180&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sJHc9YquGu&p=https%3A//www.newsx.icu&dtd=189
Frame ID: B6D8011D11163F810371EC2F2A9F43E3
Requests: 12 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14
Frame ID: 4915D85CECDCB8569F8817987601E0C5
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu&adk=3622811730&adf=2024069794&pi=t.ma~as.www.newsx.icu&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720022&bpp=5&bdt=582&idt=198&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGnRznAg9k&p=https%3A//www.newsx.icu&dtd=200
Frame ID: 1C792FA5668447EAA98F7F43A8725A2D
Requests: 11 HTTP requests in this frame

Frame: https://cdn-rtb.sape.ru/js/prebid/prebid-otm-4.43.4.js
Frame ID: 6659979A4570BA0D52387C9F996C5460
Requests: 2 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FF8F69A616407AA33022B39D2
Frame ID: 2D06D08C7876BC17736FB58A9AB04937
Requests: 3 HTTP requests in this frame

Frame: https://cloudfastads.ru/data/iframe/39114/desktop/609e32e18b576632b9e21920
Frame ID: 87F2D5DDE99D47E3B52AC5252073D0A7
Requests: 11 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1522725%2C%22cost%22%3A0.001520229%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22f56ea891-eed0-49cb-87d4-dbfbde14b0f9%22%7D%5D%2C%22unit_id%22%3A7477%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Frame ID: AE43D1A50B9BFC21A41180D2EA054ADA
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1522725%2C%22cost%22%3A0.001520229%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22f56ea891-eed0-49cb-87d4-dbfbde14b0f9%22%7D%5D%2C%22unit_id%22%3A7477%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Frame ID: 0E272465C973C7DE600B637466E4116E
Requests: 1 HTTP requests in this frame

Frame: https://cdn-rtb.sape.ru/js/prebid/prebid-between-5.19.0.js
Frame ID: 4A1A2DC32341ACF90442994F80525BC4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CE9CA09263CD2913ABB45ABC2A7EEC52
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 07D4867EE8AD01A8AB39274F35A28CDB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 689C9FBAEF715EAED8D96F2A064D2C66
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1713983%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22fa09542d-003f-4489-9c8c-03934e982aec%22%7D%2C%7B%22ad_id%22%3A1965011%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22d26b98f2-d711-45fe-90d2-ca57a6d22885%22%7D%2C%7B%22ad_id%22%3A1567037%2C%22cost%22%3A0.001587134%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ea06810e-36cc-4e6c-91f8-711de7107062%22%7D%5D%2C%22unit_id%22%3A7476%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Frame ID: 580A9E593C663D7364BFCFF5716B7E5D
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1713983%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22fa09542d-003f-4489-9c8c-03934e982aec%22%7D%2C%7B%22ad_id%22%3A1965011%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22d26b98f2-d711-45fe-90d2-ca57a6d22885%22%7D%2C%7B%22ad_id%22%3A1567037%2C%22cost%22%3A0.001587134%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ea06810e-36cc-4e6c-91f8-711de7107062%22%7D%5D%2C%22unit_id%22%3A7476%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Frame ID: 85C73C6109ADDDC7285CFB6C071A3FD4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Frame ID: 0BF7EA14D3ED0BB7AE0989493E49A23C
Requests: 1 HTTP requests in this frame

Frame: https://uuidksinc.net/matchx.html?gdpr=0&gdpr_consent=
Frame ID: 8BFBF400165054E576EC912263EEEC9A
Requests: 8 HTTP requests in this frame

Frame: https://sync.1dmp.io/supersync?t=51bada40-4b36-11ec-9752-901b0e8d9836
Frame ID: 5BF466785A6AAAA464641F7EDE3EB04D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Frame ID: 07A8393770B189D8F3AFE9072ACB5534
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Frame ID: 0CB7D2A30E789E385761927186F73E0E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Frame ID: 23F101BF912BC311B720C61E9EDEA00C
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000793
Frame ID: 4801965CFA00B643DF609FC26B7EE1A5
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 95C012FCDBC3CBC480222E688CDD001B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 7953040B5D2782A8D361197536965F40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&adk=1687354157&adf=1791427562&lmt=1637545722&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.newsx.icu%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545722411&bpp=2&bdt=2971&idt=2&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2479cd41e922ee87-22a1f2c7eccb009d%3AT%3D1637545720%3ART%3D1637545720%3AS%3DALNI_MYyHudzJaaUvgM0ALXrAN_mmdrQhw&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90%2Cwww.newsx.icu&nras=1&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&psts=AGkb-H8RbDZRE36Xjm1Kkt7ku-TdlwMQEggHud_ED5An1TbxdYP1eI111dLa-DCUofFdPXrg_0VhpIzBueGgLg%2CAGkb-H8a80fVkpxqF-bnxch4neOss9WEubL9R6DpNgYPkw0j35q4qZyAJVXc6_X-_o8fc4AY-74NMl9cchzbXw%2CAGkb-H_LvkFQ-vLjnUtxCrtVrQMRQKmKG14laBkFDscPwgS8EY-DPJt1Wol-5wVJGI6Yhfo6b0LLleIF8W3C3Q%2CAGkb-H-rNU91WONJ0OEeMXk1pE_sPBKI5sbc8mNVOguonvalwe-ew7_8et8Rk6974b_za8ZuWDwbLWVCBIk&pvsid=2825004556918950&pem=986&tmod=1256970147&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=5&uci=a!5&fsb=1&dtd=11
Frame ID: 0CFFD7498EA650A735824C93A63A3365
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A2346D3C653BDFC42CBAFB290B5A30EE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7069E5EBAC451FA8EE1B1E9463E09311
Requests: 2 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1637545722500517645252
Frame ID: 1D77405BFD3DF8ED2D0FE4364FED2D30
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1713983%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22fa09542d-003f-4489-9c8c-03934e982aec%22%7D%5D%2C%22unit_id%22%3A7476%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Frame ID: BA2574673F15C7A7AD0138528C5EC56B
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1965011%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22d26b98f2-d711-45fe-90d2-ca57a6d22885%22%7D%5D%2C%22unit_id%22%3A7476%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Frame ID: 7D8FCF73322A154E58CCF69A5F31869F
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1567037%2C%22cost%22%3A0.001587134%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ea06810e-36cc-4e6c-91f8-711de7107062%22%7D%5D%2C%22unit_id%22%3A7476%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Frame ID: C0F94237CCEA0D4EE84E8B9330AB9A62
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1713983%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22fa09542d-003f-4489-9c8c-03934e982aec%22%7D%2C%7B%22ad_id%22%3A1965011%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22d26b98f2-d711-45fe-90d2-ca57a6d22885%22%7D%2C%7B%22ad_id%22%3A1567037%2C%22cost%22%3A0.001587134%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ea06810e-36cc-4e6c-91f8-711de7107062%22%7D%5D%2C%22unit_id%22%3A7476%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Frame ID: 9548578A8BF9AB1341EF014DDC5D1CDB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новости NewsX.icu

Page URL History Show full URLs

  1. http://newsx.icu/ HTTP 301
    https://newsx.icu/ HTTP 301
    https://www.newsx.icu/ Page URL

Page Statistics

331
Requests

87 %
HTTPS

25 %
IPv6

68
Domains

102
Subdomains

75
IPs

10
Countries

3594 kB
Transfer

7385 kB
Size

135
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://newsx.icu/ HTTP 301
    https://newsx.icu/ HTTP 301
    https://www.newsx.icu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FF8F69A616407AA33022B39D2 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FF8F69A616407AA33022B39D2&crf=1
Request Chain 79
  • https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
  • https://acint.net/match?dp=14&euid=0100007FF8F69A613900CB7902A9D980
Request Chain 80
  • https://px.adhigh.net/p/cm/sape?u=0100007FF8F69A616407AA33022B39D2 HTTP 302
  • https://px.adhigh.net/p/cm/sape?u=0100007FF8F69A616407AA33022B39D2&bounced=1 HTTP 302
  • https://acint.net/match?dp=17&euid=tXlp7xqClx.AikABlF9RVS68Q
Request Chain 82
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5323423455 HTTP 302
  • https://www.acint.net/rmatch?dp=45&euid=Ai0RbEHBR-iuFxSyvCaiJJA&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FF8F69A616407AA33022B39D2
Request Chain 84
  • https://sync.republer.com/match?dsp=sape HTTP 307
  • https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
  • https://sync.bumlam.com/?src=rp1&uid=594817c2-e0c5-4848-82ad-f7aabbca24af HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj47euMBlIEioaQK2IkNTk0ODE3YzItZTBjNS00ODQ4LTgyYWQtZjdhYWJiY2EyNGFm HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj47euMBlIEioaQK2IkNTk0ODE3YzItZTBjNS00ODQ4LTgyYWQtZjdhYWJiY2EyNGFmogEQUYr76ks2Eeym6QAlkMgkNw** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhj47euMBlIEioaQK2IkNTk0ODE3YzItZTBjNS00ODQ4LTgyYWQtZjdhYWJiY2EyNGFmogEQUYsrfks2Eeym6QAlkMgkNw** HTTP 302
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQABj47euMBmIkNTk0ODE3YzItZTBjNS00ODQ4LTgyYWQtZjdhYWJiY2EyNGFmogEQUYsrfks2Eeym6QAlkMgkNw**
Request Chain 88
  • https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf_j2mmFkB6ozAis50g HTTP 302
  • https://www.acint.net/match?dp=77&euid=
Request Chain 89
  • https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FF8F69A616407AA33022B39D2 HTTP 302
  • https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FF8F69A616407AA33022B39D2
Request Chain 92
  • https://adx.com.ru/sape-sync?uid=0100007FF8F69A616407AA33022B39D2 HTTP 302
  • https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FF8F69A616407AA33022B39D2 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=619af6f8f0e01540ca2731ac&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D619af6f8f0e01540ca2731ac%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D619af6f8f0e01540ca2731ac%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D619af6f8f0e01540ca2731ac%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D619af6f8f0e01540ca2731ac%252526dest%25253D%26webouid%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D619af6f8f0e01540ca2731ac%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D619af6f8f0e01540ca2731ac%252526dest%25253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=1034529891 HTTP 302
  • https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D619af6f8f0e01540ca2731ac%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D619af6f8f0e01540ca2731ac%2526dest%253D&webouid=OhEMQXyFnnP3v8TnUY5ZQe
Request Chain 93
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FF8F69A616407AA33022B39D2 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FF8F69A616407AA33022B39D2&cs=1
Request Chain 94
  • https://sape-sync.rutarget.ru/sync HTTP 302
  • https://www.acint.net/match?dp=104&euid=0VnRccofN0KO
Request Chain 95
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://acint.net/match?dp=107&euid=8ed4376e-2f22-5346-8456-3768e5ccc190
Request Chain 96
  • https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
  • https://acint.net/match?dp=110&euid=c8c377dc6595460c93dbce7c77bbf840
Request Chain 97
  • https://0100007ff8f69a616407aa33022b39d2-sp.ops.beeline.ru/p?ssp=sp&id=0100007FF8F69A616407AA33022B39D2 HTTP 301
  • https://www.acint.net/match?dp=111&euid=302ab1b4-0e54-43ea-a561-b4eb24a7547e
Request Chain 98
  • https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FF8F69A616407AA33022B39D2 HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
  • https://ut.rktch.com/matchspm?pi=1000006&pui=OhEMQXyFnnP3v8TnUY5ZQe&noredirect
Request Chain 99
  • https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FF8F69A616407AA33022B39D2 HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FF8F69A616407AA33022B39D2 HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=3f33f622-4257-4084-9121-0335d7b63733&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
  • https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Request Chain 100
  • https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
  • https://www.acint.net/match?dp=126&euid=26a5c35c-6d30-4ab7-5960-f75bc9561a9b
Request Chain 101
  • https://s.uuidksinc.net/match/396/0100007FF8F69A616407AA33022B39D2 HTTP 302
  • https://www.acint.net/match?dp=127&euid=cLkVhHOOWa5W5U7uOEky
Request Chain 102
  • https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
  • https://www.acint.net/match?dp=129&euid=me3k5hb6oy
Request Chain 105
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007FF8F69A616407AA33022B39D2 HTTP 302
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007FF8F69A616407AA33022B39D2&bounce=1 HTTP 302
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=%2B5l1bN1DZR%2B3W%2B2PqLx75Q HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=51&exu=%2B5l1bN1DZR%2B3W%2B2PqLx75Q HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=3f33f622-4257-4084-9121-0335d7b63733&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FPzP2IkJXQISRIQM117Y3Mw%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D0%2526exu%253D%25252B5l1bN1DZR%25252B3W%25252B2PqLx75Q%26sign%3D766958706 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/PzP2IkJXQISRIQM117Y3Mw?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D%252B5l1bN1DZR%252B3W%252B2PqLx75Q&sign=766958706
Request Chain 106
  • https://sync.bumlam.com/?src=sap1&uid=0100007FF8F69A616407AA33022B39D2 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj47euMBlIFrbKc-w9iIDAxMDAwMDdGRjhGNjlBNjE2NDA3QUEzMzAyMkIzOUQy HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj47euMBlIFrbKc-w9iIDAxMDAwMDdGRjhGNjlBNjE2NDA3QUEzMzAyMkIzOUQyogEQUYsrfks2Eeym6QAlkMgkNw** HTTP 302
  • https://sync.bumlam.com/?src=sap1&s_data=CAIQABj47euMBmIgMDEwMDAwN0ZGOEY2OUE2MTY0MDdBQTMzMDIyQjM5RDKiARBRiyt-SzYR7KbpACWQyCQ3 HTTP 302
  • https://sync.bumlam.com/?src=sap1&s_data=CAIQARj47euMBmIgMDEwMDAwN0ZGOEY2OUE2MTY0MDdBQTMzMDIyQjM5RDKiARBRiyt-SzYR7KbpACWQyCQ3
Request Chain 107
  • https://an.yandex.ru/mapuid/sapeis/0100007FF8F69A616407AA33022B39D2 HTTP 302
  • https://an.yandex.ru/mapuid/sapeis/0100007FF8F69A616407AA33022B39D2?redir-setuniq=1
Request Chain 109
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9464.Z7MjslmozSPKOEpMTFGOiE7Wot9rjMGWSH-AafyjZkPxX70mmoEySzpv61v1jiNH.pgAdwjwJM4B8CFF3eNwX5S_ZO9o%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9464.MqJ15vtrfGHK0Wbp745M4G-nqCmJIPuuUYidV8x30BAQG_EjpdtawGj3jONkncLiNtVdB-fr7TjEQuRU1GKEwg%2C%2C.i_B2xMdaYpj8Aa_OwOHoyYF1kYM%2C
Request Chain 120
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=d60edd1d-fe32-486e-83a7-1677d1764df6 HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
Request Chain 121
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=d60edd1d-fe32-486e-83a7-1677d1764df6 HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
Request Chain 128
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FF8F69A616407AA33022B39D2
Request Chain 129
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FF8F69A616407AA33022B39D2
Request Chain 130
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=8ed4376e-2f22-5346-8456-3768e5ccc190
Request Chain 131
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=8ed4376e-2f22-5346-8456-3768e5ccc190
Request Chain 132
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=b1f2548b-8ca8-42d7-5c2f-36be9027e0f6
Request Chain 133
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=219d9813-e5ab-4071-5c27-0739df4c83de
Request Chain 184
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FF8F69A616407AA33022B39D2
Request Chain 185
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FF8F69A616407AA33022B39D2
Request Chain 190
  • https://s.uuidksinc.net/match/1/?cb_url=https%3A%2F%2Fhbbond.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://hbbond.com/setuid?cLkVhHOOWa5W5U7uOEky
Request Chain 209
  • https://mc.yandex.com/watch/78735630?wmode=7&page-url=https%3A%2F%2Fwww.newsx.icu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A523%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A485688638279%3Ahid%3A33808764%3Az%3A0%3Ai%3A20211122014840%3Aet%3A1637545720%3Ac%3A1%3Arn%3A221428796%3Arqn%3A1%3Au%3A163754572037036827%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637545718968%3Ads%3A0%2C0%2C194%2C1%2C249%2C0%2C%2C616%2C20%2C%2C%2C%2C1088%3Adsn%3A0%2C0%2C195%2C1%2C250%2C0%2C%2C617%2C20%2C%2C%2C%2C1088%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637545721%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20NewsX.icu&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/78735630/1?wmode=7&page-url=https%3A%2F%2Fwww.newsx.icu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A523%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A485688638279%3Ahid%3A33808764%3Az%3A0%3Ai%3A20211122014840%3Aet%3A1637545720%3Ac%3A1%3Arn%3A221428796%3Arqn%3A1%3Au%3A163754572037036827%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637545718968%3Ads%3A0%2C0%2C194%2C1%2C249%2C0%2C%2C616%2C20%2C%2C%2C%2C1088%3Adsn%3A0%2C0%2C195%2C1%2C250%2C0%2C%2C617%2C20%2C%2C%2C%2C1088%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637545721%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20NewsX.icu&t=gdpr%2814%29ti%282%29
Request Chain 220
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=649414536452441.820941814569619&a=77&e=0100007FF8F69A616407AA33022B39D2&pref=https%3A%2F%2Fwww.newsx.icu%2F&c=ss:77.up:0100007FF8F69A616407AA33022B39D2.sync:up.xdua:duSVp2_mUMR_eC6T203JdKyb.xps:xpswMBMtKa_Uso66RgXv5V0ua.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=649414536452441.820941814569619&a=77&e=0100007FF8F69A616407AA33022B39D2&pref=https%3A%2F%2Fwww.newsx.icu%2F&c=ss:77.up:0100007FF8F69A616407AA33022B39D2.sync:up.xdua:duSVp2_mUMR_eC6T203JdKyb.xps:xpswMBMtKa_Uso66RgXv5V0ua.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Request Chain 221
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=649414536452441.616589028583477&a=77&e=0100007FF8F69A616407AA33022B39D2&pref=https%3A%2F%2Fwww.newsx.icu%2F&c=ss:77.up:0100007FF8F69A616407AA33022B39D2.sync:up.xdua:duSVp2_mUMR_eC6T203JdKyb.xps:xpswMBMtKa_Uso66RgXv5V0ua.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=649414536452441.616589028583477&a=77&e=0100007FF8F69A616407AA33022B39D2&pref=https%3A%2F%2Fwww.newsx.icu%2F&c=ss:77.up:0100007FF8F69A616407AA33022B39D2.sync:up.xdua:duSVp2_mUMR_eC6T203JdKyb.xps:xpswMBMtKa_Uso66RgXv5V0ua.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Request Chain 226
  • https://sync.1dmp.io/supersync?pid=w&o=ns&cid=d532925e-370a-4913-9238-e8b91206247f&brid=3fdc8267-2323-4ff5-80fe-dc2813a9742e&uid=LDX2xZGT HTTP 302
  • https://sync.1dmp.io/supersync?t=51bada40-4b36-11ec-9752-901b0e8d9836
Request Chain 228
  • https://cm.p.altergeo.ru/relap?aid=LDX2xZGT&nc=B162Oa4V&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
  • https://relap.io/partners/altergeocs?uid=CM2sKRdbtiTXuQxqyKntBMuQ==
Request Chain 232
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 233
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 236
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 238
  • https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=cLkVhHOOWa5W5U7uOEky&i=0.4892005534867625 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=cLkVhHOOWa5W5U7uOEky&i=0.4892005534867625
Request Chain 243
  • https://ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1 HTTP 302
  • https://s.uuidksinc.net/match/760/3f7efbc1a6e64cd5855ece6a5685bf3c

331 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.newsx.icu/
Redirect Chain
  • http://newsx.icu/
  • https://newsx.icu/
  • https://www.newsx.icu/
34 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed / InstantCMS
Resource Hash
626ae755080c24e5455d73329e057796d862e4c47ad05404de8e5b6d04b8a594

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
x-powered-by
InstantCMS
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
link
</cache/static/css/styles.adf67230ebc432e7e6cbc3e90c63c12b.css?1620971493>; rel=preload; as=style
content-encoding
br
vary
Accept-Encoding,User-Agent
date
Mon, 22 Nov 2021 01:48:39 GMT
server
LiteSpeed

Redirect headers

content-type
text/html
content-length
707
date
Mon, 22 Nov 2021 01:48:39 GMT
server
LiteSpeed
location
https://www.newsx.icu/
vary
User-Agent
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
styles.adf67230ebc432e7e6cbc3e90c63c12b.css
www.newsx.icu/cache/static/css/ 		174 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsx.icu/cache/static/css/styles.adf67230ebc432e7e6cbc3e90c63c12b.css?1620971493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
69cf38a38da7ff69086c02743eaeec9c5301d7a9211668eb427183faf023492b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 19:28:28 GMT
server
LiteSpeed
etag
"2b8d8-6179a85c-be48b9b80e7c2285;br"
vary
Accept-Encoding,User-Agent
content-type
text/css; charset=utf-8
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29032
expires
Mon, 29 Nov 2021 01:48:39 GMT
56ff0e02.png
www.newsx.icu/upload/000/u1/3/a/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsx.icu/upload/000/u1/3/a/56ff0e02.png
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
71c6c5283fde3416bd3d27bf476f33cccbcd3ce3968688506ca2c3b8195e2f4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
last-modified
Tue, 12 Oct 2021 18:59:39 GMT
server
LiteSpeed
etag
"229f-6165db1b-28ec3d8ff0ecdac7;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8863
expires
Mon, 29 Nov 2021 01:48:39 GMT
7ce39ea6.png
www.newsx.icu/upload/000/u1/d/d/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsx.icu/upload/000/u1/d/d/7ce39ea6.png
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
71c6c5283fde3416bd3d27bf476f33cccbcd3ce3968688506ca2c3b8195e2f4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
last-modified
Tue, 12 Oct 2021 13:09:15 GMT
server
LiteSpeed
etag
"229f-616588fb-b18c75a211158a7f;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8863
expires
Mon, 29 Nov 2021 01:48:39 GMT
/
neon.today/native/script/34458/16705/ 		568 B
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://neon.today/native/script/34458/16705/
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.179.157.240 Amsterdam, Netherlands, ASN20473 (AS-CHOOPA, US),
Reverse DNS
neon.today
Software
nginx /
Resource Hash
28fc9d531af13630b17c084b1bb2b38fe8fbc6dfc3f66a589e9de50886a78237

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:39 GMT
Server
nginx
Connection
keep-alive
Content-Length
568
Content-Type
text/javascript; charset=UTF-8
newsx.icu.1232513.js
jsc.adskeeper.com/n/e/ 		2 KB
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/n/e/newsx.icu.1232513.js
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fde2d53ca599aa172c5699f618c117af1747f3f38606888ef6b6a6cc67f4b90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
HP94KK3XYNAJ3BSV
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
740
x-amz-id-2
j56dItTsBXA3RmEbL8DzQIaVvMxAp8ABiaDoWfpR70JLxcypUVskJorIAdAL5s1uAxYzagF8oK8=
last-modified
Tue, 16 Nov 2021 09:36:20 GMT
server
cloudflare
etag
"ef76311c33211727d81b64e27c7e310e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6b1e7f2b3ac2360d-MAN
expires
Mon, 22 Nov 2021 05:48:39 GMT
7996
tags.orquideassp.com/tag/ 		662 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/7996
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2800:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
27f1501e2d868b4e7ace1662c09de3e7f4dfbbe253706bf2bbba0a7b2054a6d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
309
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Mon, 22 Nov 2021 01:43:30 GMT
content-length
662
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"296-47Q1tw/NnHiiZ9YbUmbvdDOjcOw"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
UHfuO-1FFfx3SLSHkkX1-09ilsv_3wFJLyjgbKqHF-HORbh1Q7pAUg==
122309.js
cdn-rtb.sape.ru/rtb-b/js/309/2/ 		126 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-rtb.sape.ru/rtb-b/js/309/2/122309.js
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.181.171.233 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
asrv233.qwarta.ru
Software
openresty /
Resource Hash
612562d93ad789aff20493261d26c2966d01126ce7e36599c7adb0942ecd533d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 02:42:42 GMT
server
openresty
x-amz-request-id
16B883C89D09B337
etag
W/"8faff7a1880d429de295cd7a2e69a7cc"
x-cache-status
HIT
vary
Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=3600
content-security-policy
block-all-mixed-content
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 02:48:39 GMT
7997
tags.orquideassp.com/tag/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/7997
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2800:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
3c28cb372ad95cb73e4c210b79d05f0406c078b2f9bc3cb3dd288551f0fb99cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2723
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Mon, 22 Nov 2021 01:09:59 GMT
content-length
2362
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"93a-MXZ/Rg4UdwrgJmjJFYY0zTyUWw0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
-gyA3kgALt7AMizvnKp5HsqQtIY5X5n9-bn8s-sIwwdyvPP1VRRCuA==
newsx.icu.1235697.js
jsc.adskeeper.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/n/e/newsx.icu.1235697.js
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23f85d833afa834ef3bf6bbad174634bb0dec1e69c859ce032869cc4a7af2198

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
52VN12T8KTQPJS28
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
741
x-amz-id-2
cx9jGWuSBw+17YODtaWKis25UnJFTmA3YB+xxlgRfYkkAMVwBKsMIA1vleBIcH4COZB5ivNgtSw=
last-modified
Sun, 21 Nov 2021 16:39:45 GMT
server
cloudflare
etag
"b761425c5f971ed7a68dd814d084e0f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6b1e7f2b3ac3360d-MAN
expires
Mon, 22 Nov 2021 05:48:39 GMT
8277
tags.orquideassp.com/tag/ 		660 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/8277
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2800:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
92b62cd336887b0400f36d047244ba3ea7a54e4fc41fafbbc9a848b203438d67
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1757
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Mon, 22 Nov 2021 01:43:30 GMT
content-length
660
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"294-iJOZSM8kkhtRzDG+gQVoNShJoX8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
_KuuxISqmR74Yw6cML2kBiga5aKns2_xRdy5NMC513YYlsYlw2Enbg==
89380e8b.jpg
www.newsx.icu/upload/000/u1/f/e/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsx.icu/upload/000/u1/f/e/89380e8b.jpg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
e648d440cb4c221cf9482b75048a52af982a51d80e43629056be47b88237e945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
last-modified
Mon, 15 Nov 2021 14:37:29 GMT
server
LiteSpeed
etag
"5f35-619270a9-d0ab0f428ea15d0d;;;"
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
24373
expires
Mon, 29 Nov 2021 01:48:39 GMT
aleksandr-gradskii-ustroil-skandal-na-shou-golos-photo-normal.jpg
www.newsx.icu/upload/000/u1/a/4/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsx.icu/upload/000/u1/a/4/aleksandr-gradskii-ustroil-skandal-na-shou-golos-photo-normal.jpg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
5b56e6a96eb776c608ff9c5aece065d29ed0a63283cad08c212b5a1abff9bbad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
last-modified
Sun, 14 Nov 2021 07:42:49 GMT
server
LiteSpeed
etag
"468f-6190bdf9-3a8b4826cde9b59d;;;"
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18063
expires
Mon, 29 Nov 2021 01:48:39 GMT
b1a3443d.jpg
www.newsx.icu/upload/000/u1/1/3/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsx.icu/upload/000/u1/1/3/b1a3443d.jpg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
5f782c59c63deb946dba76d7564211bb6190b29eb4de0479085e98d57d7e70d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
last-modified
Sat, 13 Nov 2021 11:28:11 GMT
server
LiteSpeed
etag
"34c7-618fa14b-1077813e27a3062f;;;"
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13511
expires
Mon, 29 Nov 2021 01:48:39 GMT
55c899f7.jpg
www.newsx.icu/upload/000/u1/8/3/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsx.icu/upload/000/u1/8/3/55c899f7.jpg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
75370275ecdd0b31dce80103457f6a5145bbda6357b1cb385e4381a42863bf0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
last-modified
Fri, 29 Oct 2021 19:17:03 GMT
server
LiteSpeed
etag
"630b-617c48af-13f489759658a738;;;"
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
25355
expires
Mon, 29 Nov 2021 01:48:39 GMT
kontent-scarlet-lyone-xxx-teper-dostupen-tolko-dlja-poklonnikov-photo-normal.jpg
www.newsx.icu/upload/000/u1/a/0/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsx.icu/upload/000/u1/a/0/kontent-scarlet-lyone-xxx-teper-dostupen-tolko-dlja-poklonnikov-photo-normal.jpg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
2252f9f3f5b88272d4815d8cbed2057af184af16dd4ed38d64180241ae72961c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
last-modified
Wed, 27 Oct 2021 14:26:05 GMT
server
LiteSpeed
etag
"4db9-6179617d-5b804a203d6db83a;;;"
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
19897
expires
Mon, 29 Nov 2021 01:48:39 GMT
sobchak-zastupilas-za-morgenshterna-photo-normal.jpg
www.newsx.icu/upload/000/u1/1/b/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsx.icu/upload/000/u1/1/b/sobchak-zastupilas-za-morgenshterna-photo-normal.jpg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
4b69d1d2a3191f06c8df876243d394c4423b913357d516141da2fa0218c41052

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
last-modified
Tue, 26 Oct 2021 17:46:59 GMT
server
LiteSpeed
etag
"6594-61783f13-2493b000bc1d1976;;;"
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
26004
expires
Mon, 29 Nov 2021 01:48:39 GMT
gaberiella-monro-vypustila-novyi-klip-photo-normal.jpg
www.newsx.icu/upload/000/u1/7/b/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsx.icu/upload/000/u1/7/b/gaberiella-monro-vypustila-novyi-klip-photo-normal.jpg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
99715df61dad47b9a0b43683513bb80b3af3dc4662a136191bb30d9feb278dfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
last-modified
Fri, 22 Oct 2021 20:55:24 GMT
server
LiteSpeed
etag
"340d-6173253c-3fa5dbef27cec4dd;;;"
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13325
expires
Mon, 29 Nov 2021 01:48:39 GMT
londonskaja-roza-predstavlena-v-oktjabrskom-nomere-hustler-photo-normal.jpg
www.newsx.icu/upload/000/u1/f/0/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsx.icu/upload/000/u1/f/0/londonskaja-roza-predstavlena-v-oktjabrskom-nomere-hustler-photo-normal.jpg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
0fcd80075e6c1a21fd16da66616be49cae9ca943249bae2ca10999b63e7e93bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
last-modified
Wed, 20 Oct 2021 05:44:15 GMT
server
LiteSpeed
etag
"41e3-616facaf-46b08ee29228790e;;;"
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
16867
expires
Mon, 29 Nov 2021 01:48:39 GMT
vskrylas-shokiruyuschaja-pravda-o-mashe-rasputinoi-i-ee-docheri-photo-normal.jpg
www.newsx.icu/upload/000/u1/e/2/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsx.icu/upload/000/u1/e/2/vskrylas-shokiruyuschaja-pravda-o-mashe-rasputinoi-i-ee-docheri-photo-normal.jpg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
50e0afdeb9a45d9df775741a70aa98a4686d666f34f8419576bc325932bd60e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
last-modified
Tue, 12 Oct 2021 12:27:47 GMT
server
LiteSpeed
etag
"60e7-61657f43-974115798b6d0749;;;"
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
24807
expires
Mon, 29 Nov 2021 01:48:39 GMT
scripts.6315458b461b728974ec42ff7161263d.js
www.newsx.icu/cache/static/js/ 		194 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsx.icu/cache/static/js/scripts.6315458b461b728974ec42ff7161263d.js?1620971493
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
c1ff5d38bb88893b6192f609890a4d5ac888d85d116e40e0f77b27512ec40b66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 19:28:28 GMT
server
LiteSpeed
etag
"306d0-6179a85c-63dacd2a3e6f8dc3;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
58331
expires
Mon, 29 Nov 2021 01:48:39 GMT
solid.svg
www.newsx.icu/templates/modern/images/icons/ 		447 KB
130 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.newsx.icu/templates/modern/images/icons/solid.svg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
7a0dc6cfd1a6197c5779698686fe44ae103f0cc3a63d55acb62922a0810478e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
content-encoding
br
last-modified
Fri, 15 Oct 2021 08:11:42 GMT
server
LiteSpeed
etag
"6fb7b-616937be-5e64261ba46bea67;br"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
133076
expires
Mon, 29 Nov 2021 01:48:39 GMT
invoke.js
feignoccasionedmound.com/92a095c0d6de1b51d4758c4bf6ee3ca7/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://feignoccasionedmound.com/92a095c0d6de1b51d4758c4bf6ee3ca7/invoke.js
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Mon, 22 Nov 2021 01:48:39 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
98481.js
news.mirtesen.ru/data/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.mirtesen.ru/data/js/98481.js
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.131.27.117 , Russian Federation, ASN49063 (DTLN, RU),
Reverse DNS
Software
nginx /
Resource Hash
fc1a4b182b6bbeb31bbccbad515f0bad23d5b3176be97f1106672ba1222ace60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Content-Encoding
gzip
X-MID
46
X-TotalReserve
349
Transfer-Encoding
chunked
X-ShmTol
10
X-MaxShm
12
X-ChosenPrimary
12
X-TotalPrimary
3326
Connection
keep-alive
X-Node
ads5-2smir10
Pragma
no-cache
X-TotalPrimaryExchange
3139
Last-Modified
Monday, 22-Nov-2021 01:48:40 GMT
Server
nginx
X-Loc
2950159
X-MaxSize
12
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
X-TotalPrimaryPayable
187
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7476&ref=&0.03528636869121371
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
4b209ef5e78bd0cf80ce9f268f22c09596fa55dc6e0b95efdb0b63745b093c1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7477&ref=&0.5840033495228787
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
240397ef27dd8f6eb02914d099b454cc2ec862889ecf4a399d4fa22aafad6307

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
1820946
ad.a-ads.com/ Frame C5CC 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1820946?size=320x50&title_color=120d0d&title_hover_color=171212&link_color=190d0d&link_hover_color=0a0606
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.35.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.35.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
cf513e5ad100f99e23ed6194eb557a37302d5b8d3a0de03abf8d3bceb38affeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 22 Nov 2021 01:48:39 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.newsx.icu/
Content-Encoding
gzip
newsx.icu.1232513.es6.js
jsc.adskeeper.com/n/e/ 		230 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/n/e/newsx.icu.1232513.es6.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/e/newsx.icu.1232513.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
475f6332af202d6fc819ab45adeac42d26932fba1bf826fde56a4a13737289ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
9V8A5XR7C53KNP39
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66289
x-amz-id-2
JB/7S64l1t+LLahx48sC3XhEw4r7FsMnoTYNkbj+W3rAzOGGYkpVqWFwUZVdtHsmvQS4WM/VI+k=
last-modified
Tue, 16 Nov 2021 09:36:20 GMT
server
cloudflare
etag
"ef4eaad4fb78bf65e79b545e909ed276"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6b1e7f2d6c36360d-MAN
expires
Mon, 22 Nov 2021 05:48:40 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ 		111 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/7996
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
388250ef019bb2e9368449425f7b78a75eb4da62c31173417ba245626e3d1add
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 22 Nov 2021 01:48:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40086
x-xss-protection
0
server
cafe
etag
6237373347754974332
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 01:48:39 GMT
icon.svg
supertruco.com/ 		1 KB
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supertruco.com/icon.svg
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/7996
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.146 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6b54b9d51b8e7575fc6ac2e2bfd7826e021c3385b15f6e07581d58234219a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 19 Mar 2021 14:39:52 GMT
server
nginx
etag
W/"6054b7b8-47c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
date
Mon, 22 Nov 2021 01:48:40 GMT
x-ac
2.hhn _atomic_ams
expires
Mon, 29 Nov 2021 01:48:40 GMT
320x50
static.a-ads.com/a-ads-banners/117618/ Frame C5CC 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117618/320x50?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1820946?size=320x50&title_color=120d0d&title_hover_color=171212&link_color=190d0d&link_hover_color=0a0606
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.35.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.35.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0cab8671024e27265f5d37739d64ccfd8417d3a1326cd85e578a2ca7280ecf0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:39 GMT
Last-Modified
Sun, 19 Apr 2020 16:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
P8DAMRWVCTJ68P5B
ETag
"964435510a885dc83118d9345a439c3d"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
108594
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
w4CWsbKlEWz_x7_SpmcYfVfQEmXT2wOu
x-amz-id-2
rHgrRHnj/bk+YLnSZGsIZT3MuCr37m6SQb511L2rJEQbWLM5A2fDv5Cn5DtWXNKDRPjrmAU4E7E=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame C5CC 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=www.newsx.icu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44db80ad4df788f3b3849b6fd303123de07e3cea5f54c1e8ac1ef96d3433301d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99572
x-xss-protection
0
server
cafe
etag
15181987829862319443
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 01:48:40 GMT
aci.js
www.acint.net/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.acint.net/aci.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/309/2/122309.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
gzip
last-modified
Sat, 02 Jan 2021 18:29:12 GMT
server
openresty
etag
"5ff0bb78-1baf"
content-type
application/x-javascript
cache-control
max-age=43200
content-length
7087
expires
Mon, 22 Nov 2021 13:48:40 GMT
/
s.adlane.info/ 		97 B
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adlane.info/?floor=0&content_page_url=https%3A%2F%2Fwww.newsx.icu%2F&width=300&height=600&cb=1637545719998&aid=644754
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.newsx.icu
Date
Mon, 22 Nov 2021 01:48:39 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
97
Content-Type
application/javascript; charset=UTF-8
app.js
cloudfastads.ru/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloudfastads.ru/app.js
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bed620eed510e3dfee02eeb0d3559a07ceb3ffe33e8a877a405c7d6e98fd08c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
481930
cf-polished
origSize=98936
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Sep 2021 11:47:01 GMT
server
cloudflare
etag
W/"6149c635-18278"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KymI9qHIZOw7Rhrqjxd2dLIs8ZwhNqhyRiXFvgjm2t8q1naQugAM9%2BXzYKJT5eG%2BxiDzoDw7eQ3TBBP2XvXHRGasWtJRsVTmsimemyriALHskfjc%2FV7MlwUnl7HoZg%2BuFkYBPZcUWJJKzSDlK0s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
max-age=604800
cf-ray
6b1e7f2ea8f53748-MXP
expires
Tue, 23 Nov 2021 11:56:30 GMT
ls
a4p.adpartner.pro/jsunit/ Frame B128 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7477&unit_id=7477&shown=&session_pageview=1&session_id=6d5597d3-9c74-4593-877d-6201657b265c&site_visited=1&apuid=d60edd1d-fe32-486e-83a7-1677d1764df6&width=540&screen_width=1600&reload_count=0&banner_num=1637545719975183409&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.newsx.icu%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7477&ref=&0.5840033495228787
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
c5f4ecd81e538d156a54dd6465f7b9117fae39a7ef5a237db97e827bf51d997a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

server
nginx
date
Mon, 22 Nov 2021 01:48:40 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
ls
a4p.adpartner.pro/jsunit/ Frame 1814 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7476&unit_id=7476&shown=&session_pageview=1&session_id=6d5597d3-9c74-4593-877d-6201657b265c&site_visited=1&apuid=d60edd1d-fe32-486e-83a7-1677d1764df6&width=540&screen_width=1600&reload_count=0&banner_num=1637545719976058171&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.newsx.icu%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7476&ref=&0.03528636869121371
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
fef6b84b3053b45b1aef3045e40ca64766292bf939d4087b6f31748254c9806c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

server
nginx
date
Mon, 22 Nov 2021 01:48:40 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
newsx.icu.1235697.es6.js
jsc.adskeeper.com/n/e/ 		232 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/n/e/newsx.icu.1235697.es6.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/e/newsx.icu.1235697.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02a84e44034467efa47f571067805e4723261531e89e04092f9c74a339d50727

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
VT6MMPM64Y4YQ56N
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
67716
x-amz-id-2
ZA9OOw3i2TjcYEFbirfrUaeBJ69ZzV3sh/2I52e7XM+vcsWC/RbSdcabl/sscJxXQyLxT3Iig8o=
last-modified
Sun, 21 Nov 2021 16:39:45 GMT
server
cloudflare
etag
"359c6d6e220871c3bb7d1e8bac70b30a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6b1e7f2e4a5954cf-MAN
expires
Mon, 22 Nov 2021 05:48:40 GMT
tag.js
mc.yandex.ru/metrika/ 		189 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-101bc"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65980
expires
Mon, 22 Nov 2021 02:48:40 GMT
visit_js.js
socpublic.com/themes/assets/global/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://socpublic.com/themes/assets/global/scripts/visit_js.js
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2933f61346292ceba9366bac962d6d1e3b7bfb6306f746a3035225a8ee587c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P08uBl0dgcgrUESQt8uOYMFe%2BXnncP%2FN1EDGcbbdc%2FoE6Ug8MQl%2BMrvTP3XPx2KTTZuTtU4fiUgPgebt4KcfuAowxjbDxb2AlNiNODhyRUXGYxf5LwSYc7PVgdLe47ZjsBeN1Nyu1gLjJuY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
6b1e7f2e9f9cf937-MXP
brands.svg
www.newsx.icu/templates/modern/images/icons/ 		25 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.newsx.icu/templates/modern/images/icons/brands.svg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.105.236.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
da1.d.fozzy.com
Software
LiteSpeed /
Resource Hash
25b53d19de644e8655381e74ee16804c3a92f8a7a86edd28872e9aa2c91a7c30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
last-modified
Fri, 15 Oct 2021 08:11:42 GMT
server
LiteSpeed
etag
"6516-616937be-81cfe9c747d0bbd6;br"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10131
expires
Mon, 29 Nov 2021 01:48:40 GMT
/
ssp-rtb.sape.ru/data/ 		30 B
543 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp-rtb.sape.ru/data/?callback=sapeRTB_619af6f81_57462995&srtbid=122309&scids=163688261&sx=1600&sy=1200&ref=&u=https%3A%2F%2Fwww.newsx.icu%2F&allimps=1&fl=0&v=3&tz=%2B00%3A00
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/309/2/122309.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.6.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1359715.sapientru.net
Software
openresty /
Resource Hash
649dc7d7429f5a97f192e1fb5a20be15a4fedf7320553b10972bacda90d5a137

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
openresty
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
30
Expires
Wed, 19 Apr 2000 11:43:00 GMT
watch.js
mc.yandex.ru/metrika/ 		130 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/309/2/122309.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
2d8618e3d2de4948e82bbce7cd6e1cefb6d720a09adb2cae9ea3886785493a0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-b7ad"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
47021
expires
Mon, 22 Nov 2021 02:48:40 GMT
1
www.acint.net/rtbw/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A122309%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A752%7D&sid=619af6f7-fced-90ot-grd4-ay9c5wz3uksq&ref=https%3A%2F%2Fwww.newsx.icu%2F&r=1637545720
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/rtbw/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A122309%2C%22sc%22%3A0%2C%22pl%22%3A685473%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=619af6f7-fced-90ot-grd4-ay9c5wz3uksq&ref=https%3A%2F%2Fwww.newsx.icu%2F&r=1637545720
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/pxl/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/1?dp=16&id=122309.685473.163688261.0.0.68&sid=619af6f7-fced-90ot-grd4-ay9c5wz3uksq&ref=https%3A%2F%2Fwww.newsx.icu%2F&r=1637545720
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/rtbw/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A122309%2C%22sc%22%3A0%2C%22pl%22%3A685473%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=619af6f7-fced-90ot-grd4-ay9c5wz3uksq&ref=https%3A%2F%2Fwww.newsx.icu%2F&r=1637545720
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		199 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.newsx.icu&callback=_gfp_s_&client=ca-pub-7913044002918072
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=www.newsx.icu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8dd7c600f92a84eda40cccea0db8c481ee8b1b3f189bd84717f347fd4ae91c6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.newsx.icu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=www.newsx.icu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.newsx.icu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=www.newsx.icu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FD6D 		59 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2650045471&adf=18290415&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719969&bpp=13&bdt=530&idt=145&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=4057439318443&frm=20&pv=2&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQg06j2B94&p=https%3A//www.newsx.icu&dtd=164
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=www.newsx.icu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50e0f121009581857e1b54f14dcb3d157d69ae517c20b3b4e19bebd79dc691cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 22 Nov 2021 01:48:40 GMT
server
cafe
content-length
24205
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private
relap.js
relap.io/v7/ Frame AC2B 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/v7/relap.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
758c961a878da919493a57c0d146f9c1fcfb3a59e4a8387f2d59e1eebbaa913e
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
last-modified
Fri, 19 Nov 2021 14:47:29 GMT
server
nginx
etag
"6197b901-11f5"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=60
content-length
4597
expires
Mon, 22 Nov 2021 01:49:40 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 717E 		68 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2666742100&adf=1421234867&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719990&bpp=4&bdt=551&idt=171&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gp2NgYJCx4&p=https%3A//www.newsx.icu&dtd=174
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=www.newsx.icu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
539a5b7b15a9d612c2c793d16fc19562a92f666e509301ffb73dba07e2750336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 22 Nov 2021 01:48:40 GMT
server
cafe
content-length
25401
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private
sm.js
stat.media/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/sm.js
Requested by
Host: news.mirtesen.ru
URL: https://news.mirtesen.ru/data/js/98481.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.sselp1.imcmdb.net
Software
nginx /
Resource Hash
382873874381a9138712c2cf69ee03f11b96009cae5fe33d2647c414e9712f6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Aug 2021 20:46:02 GMT
Server
nginx
ETag
W/"610afc8a-133b9"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
jsapi.v5.5.1.ru_RU.js
static.olanola.com/static/jsapi/ 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.olanola.com/static/jsapi/jsapi.v5.5.1.ru_RU.js
Requested by
Host: news.mirtesen.ru
URL: https://news.mirtesen.ru/data/js/98481.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.127 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-4.sser4.imcmdb.net
Software
nginx /
Resource Hash
5a0db6487c26e2c9948ed0b4439efc4ab46c30c2021b0b917fc3ffcef9f24a97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Nov 2021 10:47:09 GMT
Server
nginx
ETag
W/"61923aad-3e83f"
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
8698764.jpeg
static3.olanola.com/img/140x140/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.olanola.com/img/140x140/8698764.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.76 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-4.sser5.imcmdb.net
Software
nginx /
Resource Hash
6187bfcc95b12cc2aef4c444634e76d709bcf4caa8ae572ec9d1aa1b259f4b04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
ETag
W/"6039fddb-b247"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12448
Expires
Tue, 21 Nov 2023 17:01:10 GMT
9596773.jpeg
static5.olanola.com/img/140x140/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static5.olanola.com/img/140x140/9596773.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.234 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-4.sser2.imcmdb.net
Software
nginx /
Resource Hash
e0b9766edbaf77c1dd162ad23a0da637514e17c6c805637755e74d0885b4524c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
ETag
W/"61924839-2d28f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8642
Expires
Fri, 17 Nov 2023 01:38:05 GMT
9557661.jpeg
static1.olanola.com/img/140x140/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.olanola.com/img/140x140/9557661.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.127 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-4.sser4.imcmdb.net
Software
nginx /
Resource Hash
6296329a64d9cd5df715d1ae39fc1c2f07ab9384e7374a3591fe4f4868637e1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
ETag
W/"61826c36-169a2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15095
Expires
Sun, 19 Nov 2023 13:44:31 GMT
9512710.jpeg
static6.olanola.com/img/140x140/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.olanola.com/img/140x140/9512710.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.242 Fellbach, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-3.sfa65.imcmdb.net
Software
nginx /
Resource Hash
714cb76ebd1753477da5958d10c8a19753b8ba0c730badc085523136d9070ce3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
ETag
W/"61702c89-ca57"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11938
Expires
Fri, 17 Nov 2023 01:38:05 GMT
9618831.jpeg
static7.olanola.com/img/140x140/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static7.olanola.com/img/140x140/9618831.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.55 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-4.sser3.imcmdb.net
Software
nginx /
Resource Hash
6559e391808f7a073776f24639be7668116abadb9035b571c79f43c8c6bed53f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
ETag
W/"619a672b-be3c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10632
Expires
Tue, 21 Nov 2023 18:23:20 GMT
9557646.jpeg
static8.olanola.com/img/140x140/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.olanola.com/img/140x140/9557646.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.76 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-4.sser5.imcmdb.net
Software
nginx /
Resource Hash
2680d234be786aed155d399b9084a346f17abf5a323ca7d64ff100dc31faddfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
ETag
W/"61826bcf-492da"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10711
Expires
Sun, 19 Nov 2023 16:17:11 GMT
9612511.jpeg
static4.olanola.com/img/140x140/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static4.olanola.com/img/140x140/9612511.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.71.94 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-3.sfa66.imcmdb.net
Software
nginx /
Resource Hash
bfae5dcf0d76e2f5f8b292525af32d74e7d02e7d9d35705cc381fa059fc1f662

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
ETag
W/"6197ac2c-78c68"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10691
Expires
Sun, 19 Nov 2023 13:56:51 GMT
9615862.jpeg
static8.olanola.com/img/140x140/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.olanola.com/img/140x140/9615862.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.76 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-4.sser5.imcmdb.net
Software
nginx /
Resource Hash
5c3d9b8c772a6884f1c071fdadfede84bdce6c2042ee3e481e756c37f3a1dc69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
ETag
W/"619901ca-598c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9343
Expires
Tue, 21 Nov 2023 17:56:38 GMT
9548220.jpeg
static1.olanola.com/img/140x140/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.olanola.com/img/140x140/9548220.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.127 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-4.sser4.imcmdb.net
Software
nginx /
Resource Hash
26a37fcd1a2a29d07cfbd5ea93992879aabc59921bcd95fd962124a4fa576d29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
ETag
W/"617eabbf-f038"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12557
Expires
Fri, 17 Nov 2023 21:03:32 GMT
9501759.jpeg
static8.olanola.com/img/140x140/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.olanola.com/img/140x140/9501759.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.76 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-4.sser5.imcmdb.net
Software
nginx /
Resource Hash
07e692f46f2ca24899dce0b43a08f10433aa72f5b5f24610e47fdc665c480878

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
ETag
W/"616bd765-7be8"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8566
Expires
Sun, 19 Nov 2023 14:25:58 GMT
9554119.jpeg
static3.olanola.com/img/140x140/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.olanola.com/img/140x140/9554119.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.76 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-4.sser5.imcmdb.net
Software
nginx /
Resource Hash
4ad6d56c1ee3114713b879d7bcfe7e5fd275b5d4ef4c2a776308264fc751d4e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
ETag
W/"61812497-14b5a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8965
Expires
Mon, 20 Nov 2023 06:32:27 GMT
9450169.jpeg
static6.olanola.com/img/140x140/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.olanola.com/img/140x140/9450169.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.242 Fellbach, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-3.sfa65.imcmdb.net
Software
nginx /
Resource Hash
de059ee02a426fc1a6f24fb16c1b609f5f77de59469804ca319287d1615dad10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
ETag
W/"6156b454-a946"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12093
Expires
Sun, 19 Nov 2023 15:11:46 GMT
/
target.smi2.net/init/ 		95 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://target.smi2.net/init/?blockid=98481&siteid=51250&bw=1600&bh=1200&rnd=9418345072471
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.161.36.2 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
target2-1.sselp1.imcmdb.net
Software
nginx / HHVM/3.9.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Target-Version
2
Date
Mon, 22 Nov 2021 01:48:40 GMT
X-Target-Final
20211122044840-0
Server
nginx
X-Target-Host
target2-1.sselp1
X-Powered-By
HHVM/3.9.1
X-Time-Request
0.00029
Content-Type
image/png
Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
95
Expires
Mon, 22 Nov 2021 01:48:39 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B6D8 		68 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu_Footer_728x90&adk=2068224291&adf=4261181915&pi=t.ma~as.www.newsx.icu_Foote_&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720000&bpp=19&bdt=560&idt=180&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sJHc9YquGu&p=https%3A//www.newsx.icu&dtd=189
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=www.newsx.icu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0538f4cc6cdf2b191e18b14249f09e75effcf1d1e8cb7244b843b9c950e066e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 22 Nov 2021 01:48:40 GMT
server
cafe
content-length
25562
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private
analytics.js
www.google-analytics.com/ Frame B128 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7477&unit_id=7477&shown=&session_pageview=1&session_id=6d5597d3-9c74-4593-877d-6201657b265c&site_visited=1&apuid=d60edd1d-fe32-486e-83a7-1677d1764df6&width=540&screen_width=1600&reload_count=0&banner_num=1637545719975183409&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.newsx.icu%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2853
date
Mon, 22 Nov 2021 01:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 22 Nov 2021 03:01:07 GMT
jsunit
a4p.adpartner.pro/ Frame B128 		23 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1637545719975183409&id=7477&is_in_viewport=1&ref=&reload_count=0&session_id=6d5597d3-9c74-4593-877d-6201657b265c&session_pageview=1&shown=&site_visited=1&unit_id=7477
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7477&unit_id=7477&shown=&session_pageview=1&session_id=6d5597d3-9c74-4593-877d-6201657b265c&site_visited=1&apuid=d60edd1d-fe32-486e-83a7-1677d1764df6&width=540&screen_width=1600&reload_count=0&banner_num=1637545719975183409&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.newsx.icu%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
d76863ab257ee68fe803ac93880e3118adb4e9c59112a7f242ce81c1243bb52a

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7477&unit_id=7477&shown=&session_pageview=1&session_id=6d5597d3-9c74-4593-877d-6201657b265c&site_visited=1&apuid=d60edd1d-fe32-486e-83a7-1677d1764df6&width=540&screen_width=1600&reload_count=0&banner_num=1637545719975183409&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.newsx.icu%2F
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
www.acint.net/mc/ Frame 4915 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.acint.net/mc/?dp=14
Requested by
Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
7792ff39012a4f7110e0874f5e2ddf834300cd3e75d6c0ab60ea2047e0d003f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

server
openresty
date
Mon, 22 Nov 2021 01:48:40 GMT
content-type
text/html
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding
gzip
/
www.acint.net/hit/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/hit/?v=0.3.0&uid=bdb8a251-bf3b-42c0-a7da-4baaa64429a4&dp=14&tz=%2B00%3A00&nc=54148815&u=https%3A%2F%2Fwww.newsx.icu%2F&r=&rs=1600x1200&t=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20NewsX.icu&oE=1&oP=1&dT=2021-11-22T01%3A48%3A40.199&fu=6509e811-19b5-4d91-a1e3-f0a95dd65e8d
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1C79 		68 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu&adk=3622811730&adf=2024069794&pi=t.ma~as.www.newsx.icu&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720022&bpp=5&bdt=582&idt=198&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGnRznAg9k&p=https%3A//www.newsx.icu&dtd=200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=www.newsx.icu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a02ca886b4e9b5118fbd2814ab2dbcb2bd9421163f569d15138d78bfe7a0362c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 22 Nov 2021 01:48:40 GMT
server
cafe
content-length
25378
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private
jsunit
a4p.adpartner.pro/ Frame 1814 		26 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1637545719976058171&id=7476&is_in_viewport=1&ref=&reload_count=0&session_id=6d5597d3-9c74-4593-877d-6201657b265c&session_pageview=1&shown=&site_visited=1&unit_id=7476
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7476&unit_id=7476&shown=&session_pageview=1&session_id=6d5597d3-9c74-4593-877d-6201657b265c&site_visited=1&apuid=d60edd1d-fe32-486e-83a7-1677d1764df6&width=540&screen_width=1600&reload_count=0&banner_num=1637545719976058171&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.newsx.icu%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
1728d6b4a772fe72fc793409179184932e1447abf80ca2ad32108713f1bad3cc

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7476&unit_id=7476&shown=&session_pageview=1&session_id=6d5597d3-9c74-4593-877d-6201657b265c&site_visited=1&apuid=d60edd1d-fe32-486e-83a7-1677d1764df6&width=540&screen_width=1600&reload_count=0&banner_num=1637545719976058171&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.newsx.icu%2F
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
prebid-otm-4.43.4.js
cdn-rtb.sape.ru/js/prebid/ Frame 6659 		168 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-rtb.sape.ru/js/prebid/prebid-otm-4.43.4.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/309/2/122309.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.181.171.233 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
asrv233.qwarta.ru
Software
openresty /
Resource Hash
13215235b2cb1408756d85724e8104bf1a6c76db5e7e62a1dd9a6a1c3ed34efa
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
last-modified
Wed, 20 Oct 2021 14:50:45 GMT
server
openresty
x-amz-request-id
16B9BB2810E7554D
etag
"f87d42b7563e73c39795752aeeeb48e6"
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
date
Mon, 22 Nov 2021 01:48:40 GMT
access-control-allow-credentials
true
content-length
171647
accept-ranges
bytes
3
www.acint.net/pxl/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/3?dp=16&id=122309.685473.163688261.0.0.68&sid=619af6f7-fced-90ot-grd4-ay9c5wz3uksq&ref=https%3A%2F%2Fwww.newsx.icu%2F&r=1637545720
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/pxl/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/1?dp=68&id=122309.685473.163688262.0.1.112&sid=619af6f7-fced-90ot-grd4-ay9c5wz3uksq&ref=https%3A%2F%2Fwww.newsx.icu%2F&r=1637545720
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
ads.betweendigital.com/ Frame 4915
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FF8F69A616407AA33022B39D2
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FF8F69A616407AA33022B39D2&crf=1
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FF8F69A616407AA33022B39D2&crf=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=73&external_user_id=0100007FF8F69A616407AA33022B39D2&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
acint.net/ Frame 4915
Redirect Chain
  • https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
  • https://acint.net/match?dp=14&euid=0100007FF8F69A613900CB7902A9D980
43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=14&euid=0100007FF8F69A613900CB7902A9D980
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
openresty
P3P
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location
https://acint.net/match?dp=14&euid=0100007FF8F69A613900CB7902A9D980
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
text/html
Content-Length
142
Expires
Wed, 19 Apr 2000 11:43:00 GMT
match
acint.net/ Frame 4915
Redirect Chain
  • https://px.adhigh.net/p/cm/sape?u=0100007FF8F69A616407AA33022B39D2
  • https://px.adhigh.net/p/cm/sape?u=0100007FF8F69A616407AA33022B39D2&bounced=1
  • https://acint.net/match?dp=17&euid=tXlp7xqClx.AikABlF9RVS68Q
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=17&euid=tXlp7xqClx.AikABlF9RVS68Q
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f3-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://acint.net/match?dp=17&euid=tXlp7xqClx.AikABlF9RVS68Q
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm.gif
ad.mail.ru/ Frame 4915 		43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=48&id=0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Last-Modified
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=21600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Mon, 22 Nov 2021 07:48:40 GMT
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 4915
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5323423455
  • https://www.acint.net/rmatch?dp=45&euid=Ai0RbEHBR-iuFxSyvCaiJJA&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FF8F69A616407AA33022B39D2
42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Server
81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad15.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

date
Mon, 22 Nov 2021 01:48:40 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FF8F69A616407AA33022B39D2
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
sync
a.utraff.com/ Frame 4915 		0
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.utraff.com/sync?ssp=sape
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7GgsGIaxXmDlJZMYF%2BWEGuZTVp2iMDnuH5U5TBh8FCMMrrvJDDKyWDmb1eLut5x50dTkvQclr2OvIzFBaf9XEIJvVb4ePGVIawEsrh3xoMAzdLMUpNFF3DfAJ9YRHCaksPGn%2FSk%2BM6Zbw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
cf-ray
6b1e7f3158fa59f5-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
/
sync.bumlam.com/ Frame 4915
Redirect Chain
  • https://sync.republer.com/match?dsp=sape
  • https://sync.republer.com/match?dsp=sape&qset=1
  • https://sync.bumlam.com/?src=rp1&uid=594817c2-e0c5-4848-82ad-f7aabbca24af
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj47euMBlIEioaQK2IkNTk0ODE3YzItZTBjNS00ODQ4LTgyYWQtZjdhYWJiY2EyNGFm
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj47euMBlIEioaQK2IkNTk0ODE3YzItZTBjNS00ODQ4LTgyYWQtZjdhYWJiY2EyNGFmogEQUYr76ks2Eeym6QAlkMgkNw**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhj47euMBlIEioaQK2IkNTk0ODE3YzItZTBjNS00ODQ4LTgyYWQtZjdhYWJiY2EyNGFmogEQUYsrfks2Eeym6QAlkMgkNw**
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQABj47euMBmIkNTk0ODE3YzItZTBjNS00ODQ4LTgyYWQtZjdhYWJiY2EyNGFmogEQUYsrfks2Eeym6QAlkMgkNw**
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=rp1&s_data=CAIQABj47euMBmIkNTk0ODE3YzItZTBjNS00ODQ4LTgyYWQtZjdhYWJiY2EyNGFmogEQUYsrfks2Eeym6QAlkMgkNw**
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Server
31.172.81.172 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Server
nginx
ETag
518b2b7e-4b36-11ec-a6e9-002590c82437
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.bumlam.com/?src=rp1&s_data=CAIQABj47euMBmIkNTk0ODE3YzItZTBjNS00ODQ4LTgyYWQtZjdhYWJiY2EyNGFmogEQUYsrfks2Eeym6QAlkMgkNw**
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
match
dm-eu.hybrid.ai/ Frame 4915 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm-eu.hybrid.ai/match?id=106&vid=0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
513
x-xss-protection
1; mode=block
expires
-1
adcm.js
tag.digitaltarget.ru/ Frame 4915 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/adcm.js
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Last-Modified
Tue, 16 Nov 2021 09:48:08 GMT
Server
nginx
ETag
"61937e58-beb"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3051
sape
sync.dmp.otm-r.com/match/ Frame 4915 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/sape?id=0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx/1.17.4
match
www.acint.net/ Frame 4915
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf_j2mmFkB6ozAis50g
  • https://www.acint.net/match?dp=77&euid=
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=77&euid=
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.acint.net/match?dp=77&euid=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adlmerge.com/merge_gpsid/ Frame 4915
Redirect Chain
  • https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FF8F69A616407AA33022B39D2
  • https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FF8F69A616407AA33022B39D2
43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

iseu
eu
server
nginx/1.16.0
date
Mon, 22 Nov 2021 01:48:40 GMT
content-type
image/gif

Redirect headers

location
//adlmerge.com/merge_gpsid/?sid=50&id=0100007FF8F69A616407AA33022B39D2
date
Mon, 22 Nov 2021 01:43:02 GMT
server
nginx
content-length
0
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 4915 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad15.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sprcs
relap.io/partners/ Frame 4915 		43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://relap.io/partners/sprcs?uid=0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-server
web03
content-length
43
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
weborama-sync
adx.com.ru/ Frame 4915
Redirect Chain
  • https://adx.com.ru/sape-sync?uid=0100007FF8F69A616407AA33022B39D2
  • https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FF8F69A616407AA33022B39D2
  • https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=619af6f8f0e01540ca2731ac&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D619af6f8f0e01540ca2731ac%2526r%253Dhttps%25253A...
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D619af6f8f0e01540ca2731ac%2526r%253Dhttps%25253A...
  • https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D619af6f8f0e01540ca2731ac%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D619af6f8f0...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D619af6f8f0e01540ca2731ac%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D619af6f8f0e01540ca2731ac%2526dest%253D&webouid=OhEMQXyFnnP3v8TnUY5ZQe
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
188.34.131.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.132.131.34.188.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
via
1.1 google
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx/1.12.0
location
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D619af6f8f0e01540ca2731ac%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D619af6f8f0e01540ca2731ac%2526dest%253D&webouid=OhEMQXyFnnP3v8TnUY5ZQe
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
pixel.gif
sync.1dmp.io/ Frame 4915
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FF8F69A616407AA33022B39D2
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FF8F69A616407AA33022B39D2&cs=1
35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FF8F69A616407AA33022B39D2&cs=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-214-77.clients.your-server.de
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0

Redirect headers

location
/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FF8F69A616407AA33022B39D2&cs=1
date
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0
match
www.acint.net/ Frame 4915
Redirect Chain
  • https://sape-sync.rutarget.ru/sync
  • https://www.acint.net/match?dp=104&euid=0VnRccofN0KO
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=104&euid=0VnRccofN0KO
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location
https://www.acint.net/match?dp=104&euid=0VnRccofN0KO
Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
match
acint.net/ Frame 4915
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
  • https://acint.net/match?dp=107&euid=8ed4376e-2f22-5346-8456-3768e5ccc190
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=107&euid=8ed4376e-2f22-5346-8456-3768e5ccc190
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://acint.net/match?dp=107&euid=8ed4376e-2f22-5346-8456-3768e5ccc190
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
acint.net/ Frame 4915
Redirect Chain
  • https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
  • https://acint.net/match?dp=110&euid=c8c377dc6595460c93dbce7c77bbf840
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=110&euid=c8c377dc6595460c93dbce7c77bbf840
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://acint.net/match?dp=110&euid=c8c377dc6595460c93dbce7c77bbf840
date
Mon, 22 Nov 2021 01:48:40 GMT
server
Kestrel
content-length
0
match
www.acint.net/ Frame 4915
Redirect Chain
  • https://0100007ff8f69a616407aa33022b39d2-sp.ops.beeline.ru/p?ssp=sp&id=0100007FF8F69A616407AA33022B39D2
  • https://www.acint.net/match?dp=111&euid=302ab1b4-0e54-43ea-a561-b4eb24a7547e
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=111&euid=302ab1b4-0e54-43ea-a561-b4eb24a7547e
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:41 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date
Mon, 22 Nov 2021 01:48:41 GMT
x-route
http://upstream_cookiesync
server
nginx
location
https://www.acint.net/match?dp=111&euid=302ab1b4-0e54-43ea-a561-b4eb24a7547e
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.34
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
matchspm
ut.rktch.com/ Frame 4915
Redirect Chain
  • https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FF8F69A616407AA33022B39D2
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
  • https://ut.rktch.com/matchspm?pi=1000006&pui=OhEMQXyFnnP3v8TnUY5ZQe&noredirect
88 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut.rktch.com/matchspm?pi=1000006&pui=OhEMQXyFnnP3v8TnUY5ZQe&noredirect
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Server
89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d50603.reg.regrucolo.ru
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Server
nginx/1.18.0
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
Content-Length
88

Redirect headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
via
1.1 google
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx/1.12.0
location
https://ut.rktch.com/matchspm?pi=1000006&pui=OhEMQXyFnnP3v8TnUY5ZQe&noredirect
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
0.gif
x01.aidata.io/ Frame 4915
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FF8F69A616407AA33022B39D2
  • https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FF8F69A616407AA33022B39D2
  • https://tech.rtb.mts.ru/?dsp_uid=3f33f622-4257-4084-9121-0335d7b63733&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D3...
  • https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
0
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:41 GMT
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Mon, 22 Nov 2021 01:48:40 GMT

Redirect headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
match
www.acint.net/ Frame 4915
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
  • https://www.acint.net/match?dp=126&euid=26a5c35c-6d30-4ab7-5960-f75bc9561a9b
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=126&euid=26a5c35c-6d30-4ab7-5960-f75bc9561a9b
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://www.acint.net/match?dp=126&euid=26a5c35c-6d30-4ab7-5960-f75bc9561a9b
date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-length
115
serverid
TODO
content-type
text/html; charset=utf-8
match
www.acint.net/ Frame 4915
Redirect Chain
  • https://s.uuidksinc.net/match/396/0100007FF8F69A616407AA33022B39D2
  • https://www.acint.net/match?dp=127&euid=cLkVhHOOWa5W5U7uOEky
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=127&euid=cLkVhHOOWa5W5U7uOEky
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://www.acint.net/match?dp=127&euid=cLkVhHOOWa5W5U7uOEky
date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx/1.19.0
content-length
0
match
www.acint.net/ Frame 4915
Redirect Chain
  • https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
  • https://www.acint.net/match?dp=129&euid=me3k5hb6oy
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=129&euid=me3k5hb6oy
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx/1.14.0
access-control-allow-origin
*
surrogate-control
no-store
vary
Origin
location
https://www.acint.net/match?dp=129&euid=me3k5hb6oy
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
x-request-id
c3c063aa-34ce-49a0-9328-bdd54884e9be
expires
0
userbind
match.new-programmatic.com/ Frame 4915 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=sape&id=0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 22 Nov 2021 01:48:40 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
0100007FF8F69A616407AA33022B39D2
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 4915 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
PzP2IkJXQISRIQM117Y3Mw
an.yandex.ru/setud/mts_banner/ Frame 4915
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007FF8F69A616407AA33022B39D2
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007FF8F69A616407AA33022B39D2&bounce=1
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=%2B5l1bN1DZR%2B3W%2B2PqLx75Q
  • https://sm.rtb.mts.ru/match/second?ssp=51&exu=%2B5l1bN1DZR%2B3W%2B2PqLx75Q
  • https://tech.rtb.mts.ru/?dsp_uid=3f33f622-4257-4084-9121-0335d7b63733&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FPzP2IkJXQISRIQM117Y3Mw%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
  • https://an.yandex.ru/setud/mts_banner/PzP2IkJXQISRIQM117Y3Mw?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D%252B5l1bN1DZR%252B3W%252B2PqLx75Q&sign=766958706
43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/mts_banner/PzP2IkJXQISRIQM117Y3Mw?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D%252B5l1bN1DZR%252B3W%252B2PqLx75Q&sign=766958706
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 01:48:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 01:48:42 GMT

Redirect headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/setud/mts_banner/PzP2IkJXQISRIQM117Y3Mw?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D%252B5l1bN1DZR%252B3W%252B2PqLx75Q&sign=766958706
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
sync.bumlam.com/ Frame 4915
Redirect Chain
  • https://sync.bumlam.com/?src=sap1&uid=0100007FF8F69A616407AA33022B39D2
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj47euMBlIFrbKc-w9iIDAxMDAwMDdGRjhGNjlBNjE2NDA3QUEzMzAyMkIzOUQy
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj47euMBlIFrbKc-w9iIDAxMDAwMDdGRjhGNjlBNjE2NDA3QUEzMzAyMkIzOUQyogEQUYsrfks2Eeym6QAlkMgkNw**
  • https://sync.bumlam.com/?src=sap1&s_data=CAIQABj47euMBmIgMDEwMDAwN0ZGOEY2OUE2MTY0MDdBQTMzMDIyQjM5RDKiARBRiyt-SzYR7KbpACWQyCQ3
  • https://sync.bumlam.com/?src=sap1&s_data=CAIQARj47euMBmIgMDEwMDAwN0ZGOEY2OUE2MTY0MDdBQTMzMDIyQjM5RDKiARBRiyt-SzYR7KbpACWQyCQ3
0
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=sap1&s_data=CAIQARj47euMBmIgMDEwMDAwN0ZGOEY2OUE2MTY0MDdBQTMzMDIyQjM5RDKiARBRiyt-SzYR7KbpACWQyCQ3
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Server
31.172.81.172 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Server
nginx
ETag
518b2b7e-4b36-11ec-a6e9-002590c82437
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.bumlam.com/?src=sap1&s_data=CAIQARj47euMBmIgMDEwMDAwN0ZGOEY2OUE2MTY0MDdBQTMzMDIyQjM5RDKiARBRiyt-SzYR7KbpACWQyCQ3
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
0100007FF8F69A616407AA33022B39D2
an.yandex.ru/mapuid/sapeis/ Frame 4915
Redirect Chain
  • https://an.yandex.ru/mapuid/sapeis/0100007FF8F69A616407AA33022B39D2
  • https://an.yandex.ru/mapuid/sapeis/0100007FF8F69A616407AA33022B39D2?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/sapeis/0100007FF8F69A616407AA33022B39D2?redir-setuniq=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:41 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 01:48:41 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 01:48:41 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:41 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 01:48:41 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/sapeis/0100007FF8F69A616407AA33022B39D2?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 01:48:41 GMT
frame.html
s3.advarkads.com/modules/match/ Frame 2D06 		187 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-type
text/html
cache-control
max-age=60
last-modified
Wed, 13 Oct 2021 12:55:49 GMT
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b1e7f313b520f6e-MXP
content-encoding
gzip
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9464.Z7MjslmozSPKOEpMTFGOiE7Wot9rjMGWSH-AafyjZkPxX70mmoEySzpv61v1jiNH.pgAdwjwJM4B8CFF3eNwX5S_ZO9o%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9464.MqJ15vtrfGHK0Wbp745M4G-nqCmJIPuuUYidV8x30BAQG_EjpdtawGj3jONkncLiNtVdB-fr7TjEQuRU1GKEwg%2C%2C.i_B2xMdaYpj8Aa_OwOHoyYF1kYM%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9464.MqJ15vtrfGHK0Wbp745M4G-nqCmJIPuuUYidV8x30BAQG_EjpdtawGj3jONkncLiNtVdB-fr7TjEQuRU1GKEwg%2C%2C.i_B2xMdaYpj8Aa_OwOHoyYF1kYM%2C
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9464.MqJ15vtrfGHK0Wbp745M4G-nqCmJIPuuUYidV8x30BAQG_EjpdtawGj3jONkncLiNtVdB-fr7TjEQuRU1GKEwg%2C%2C.i_B2xMdaYpj8Aa_OwOHoyYF1kYM%2C
date
Mon, 22 Nov 2021 01:48:40 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 22 Nov 2021 02:48:40 GMT
pql79m.js
hbbond.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbbond.com/pql79m.js
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.98.54.153 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
12a76a984f44ebd136dba9b6a97048f72fdfafcd6c9808a3e4dc9f86fded57dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 16:08:33 GMT
server
nginx/1.19.0
etag
W/"6197cc01-69a4"
vary
Accept-Encoding
content-type
application/javascript
teasers
cloudfastads.ru/data/ 		984 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cloudfastads.ru/data/teasers
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74666ec5b340e0fe56a5f39ee6ca31e882ff19e52e39f667c420ce4df4a2a817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"3d8-sbL9SIgAvujP1AViqnE7tJXhvL0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60m7LSSeJ3cijIE%2Bd1kxcAAJtm6O1aKDiGO2v4N17tfUmjDrv4%2FR68RU5%2B1lJUQ%2FZO7DSQ6R075XVpiB9waLUzcDI1IGOFP5WXi9zLZcuW2ga2X0kYtWAItBDc2K40gF9FiG7hmxZUafrtqyy6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsx.icu
vary
Accept-Encoding, Origin
cache-control
private, max-age=60, stale-while-revalidate=84000
access-control-allow-credentials
true
cf-ray
6b1e7f306bc4599b-MXP
expires
Fri Nov 19 2021 17:03:14 GMT+0300
609e32e18b576632b9e21920
cloudfastads.ru/data/iframe/39114/desktop/ Frame 87F2 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cloudfastads.ru/data/iframe/39114/desktop/609e32e18b576632b9e21920
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c8c3f75cbf30760416906555f30c2330fec688bf527a9d1dedb17fe289c184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Origin
access-control-allow-credentials
true
expires
Sun Nov 21 2021 04:19:16 GMT+0300
cache-control
private, max-age=60, stale-while-revalidate=84000
link
</css/inner.css>; rel=preload; as=style; crossorigin, </inner.js>; rel=preload; as=script; crossorigin;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=059DK880tI8XZYja0BX%2BXF9T%2F%2F00OyBCQm2xRi9pX795soCalCUKfKJ%2BcTDnNjMMdH3Z2x8otEi83h51dzR%2BcZs%2F%2BUXc7WRD4pcXI718U25I0ZKkEIdxYwJdTSB29ZbmaeixgsWBKm2MAWSyx%2BI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b1e7f313cd7599b-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
insert
cloudfastads.ru/statistics/iframe/ 		331 B
962 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cloudfastads.ru/statistics/iframe/insert
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021bb0e966086476e9206afd56a6a6dbe204ef409ebac74d2ce7f4bc5a831c93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"14b-IrUjKXI+zJFVqaECeOdnuBNAzPU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sS4KNwWY5LRjySDqosO5pTdYzJD2T1BjFCI%2Bue9WZacTTyvUMfJjDrn0YlGm%2B2Sfb7%2F6yfSBw1fnBI6DLJ1IriHv7B2o%2FHDKPJqDGo09nYpnpBr09U6nwdf9Hy7hL71EEPZqkqtjAVxlcrV0lP4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsx.icu
vary
Accept-Encoding, Origin
access-control-allow-credentials
true
cf-ray
6b1e7f306bc6599b-MXP
settings
stat.media/counter/ 		454 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/settings?payload=CLKQAxIkYWU4MWM0NmYtZjhjNC00ZWUxLWI5MzktMWYwMWY2ZDEzYTkxGM_x0qrULyIkZTE0NDhmNjUtYzJiMi00MmY1LWIzZTctZmQyMGZhZTdkOGJl&cb=_callbacks____0kwa0fwj2
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.sselp1.imcmdb.net
Software
nginx /
Resource Hash
c9407c281dfa6fb3c755c9125a0298f974a92c43912ff642019ad550ea9cd24c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/javascript
adjson
ssp.otm-r.com/ Frame 6659 		2 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=320&h=50&s=ck6s195mdyv1m0868lv9fis3e&bidid=2f6ddb6436133b&transactionid=46790de8-ea25-4de7-b675-8db08279e2a1&auctionid=2748bba9-f443-489d-953d-0ce58839cc19&bidfloor=6
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/js/prebid/prebid-otm-4.43.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.59.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.100.59.69.159.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx/1.17.10
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.newsx.icu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
1522725_2116.jpeg
img.adpartner.pro/1522/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/1522/1522725_2116.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Simferopol, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
509fa01f9a262a267c6f9c5985eddc7e4c1b0f6df01c0d070bb4dc908b36ffe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Wed, 17 Feb 2021 12:43:02 GMT
server
nginx
etag
"602d0f56-709e"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
28830
logo_left.gif
file.adpartner.pro/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/logo_left.gif
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Simferopol, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Thu, 24 Jan 2019 09:25:42 GMT
server
nginx
etag
"5c498496-a79"
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
2681
1px-matching-adpartner.gif
t.trafmag.com/images/ 		35 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=d60edd1d-fe32-486e-83a7-1677d1764df6
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=d60edd1d-fe32-486e-83a7-1677d1764df6
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=10
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=10
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b1e7f31fd8f7025-FRA
content-type
image/gif
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=d60edd1d-fe32-486e-83a7-1677d1764df6
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=9
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=9
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b1e7f31fd917025-FRA
content-type
image/gif
d60edd1d-fe32-486e-83a7-1677d1764df6
s.uuidksinc.net/match/272/ 		74 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/272/d60edd1d-fe32-486e-83a7-1677d1764df6
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
d60edd1d-fe32-486e-83a7-1677d1764df6
recreativ.ru/mtch/31/ 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recreativ.ru/mtch/31/d60edd1d-fe32-486e-83a7-1677d1764df6
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

hn
b17
date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-type
image/gif
pix
dsp-trk.eskimi.com/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=d60edd1d-fe32-486e-83a7-1677d1764df6
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
via
1.1 google
alt-svc
clear
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/ 		49 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/adpdigital
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.232.148.142 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp3.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
x-backend-id
f3-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=177&vid=d60edd1d-fe32-486e-83a7-1677d1764df6
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
123
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=adpartner&id=d60edd1d-fe32-486e-83a7-1677d1764df6
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 22 Nov 2021 01:48:40 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FF8F69A616407AA33022B39D2
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Mon, 22 Nov 2021 01:48:40 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FF8F69A616407AA33022B39D2
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FF8F69A616407AA33022B39D2
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Mon, 22 Nov 2021 01:48:40 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FF8F69A616407AA33022B39D2
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=8ed4376e-2f22-5346-8456-3768e5ccc190
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=8ed4376e-2f22-5346-8456-3768e5ccc190
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=8ed4376e-2f22-5346-8456-3768e5ccc190
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=8ed4376e-2f22-5346-8456-3768e5ccc190
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=8ed4376e-2f22-5346-8456-3768e5ccc190
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=8ed4376e-2f22-5346-8456-3768e5ccc190
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=b1f2548b-8ca8-42d7-5c2f-36be9027e0f6
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=b1f2548b-8ca8-42d7-5c2f-36be9027e0f6
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=b1f2548b-8ca8-42d7-5c2f-36be9027e0f6
date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=219d9813-e5ab-4071-5c27-0739df4c83de
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=219d9813-e5ab-4071-5c27-0739df4c83de
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=219d9813-e5ab-4071-5c27-0739df4c83de
date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
inner.css
cloudfastads.ru/css/ Frame 87F2 		50 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloudfastads.ru/css/inner.css
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
518a0e298f6b0b360bc3d06b66f9b44145811cf65fdf140945b9f66a8fefd135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cloudfastads.ru/data/iframe/39114/desktop/609e32e18b576632b9e21920
Origin
https://cloudfastads.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30755
cf-polished
origSize=51940
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Sep 2021 11:47:01 GMT
server
cloudflare
etag
W/"6149c635-cae4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpPpeGALPuCwe3dHF0xA4ptOeCur2mBkttuq5PLe7YaDmKPhFqNKKd1IEQYM44mJpAjnbOuAjg30r8fOin2ohxMZKeY089xNCm9wxoJkUSaQ%2Fr4EpmsEZwXdnxhRZj%2FK6wg5%2F%2FMDKF6Ey%2Fn79Qc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
max-age=604800
cf-ray
6b1e7f31dd96599b-MXP
expires
Sun, 28 Nov 2021 17:16:05 GMT
inner.js
cloudfastads.ru/ Frame 87F2 		160 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloudfastads.ru/inner.js
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10724e2fbe2f76ba6e90bcfa974a14b87fbf7cc7cd75d1e932682ec8d87100b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cloudfastads.ru/data/iframe/39114/desktop/609e32e18b576632b9e21920
Origin
https://cloudfastads.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30755
cf-polished
origSize=164367
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Sep 2021 11:47:01 GMT
server
cloudflare
etag
W/"6149c635-2820f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21UfHxhitQqMAxjDBOnHR4yRPaoYY72HiDGaNg7ayJa%2BybFaHHKI8dGbRonWGkc75dyK4Cw6eqBDsCU1Fvmha6xwBQlqSpFG0UgMJDN4i1b%2B17pjhuMTlIWb6N8THUF%2BZn09ACZgERzDwylQsqw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
max-age=604800
cf-ray
6b1e7f31dd98599b-MXP
expires
Sun, 28 Nov 2021 17:16:05 GMT
if
a4p.adpartner.pro/tracker/ Frame AE43 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1522725%2C%22cost%22%3A0.001520229%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22f56ea891-eed0-49cb-87d4-dbfbde14b0f9%22%7D%5D%2C%22unit_id%22%3A7477%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 22 Nov 2021 01:48:40 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 0E27 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1522725%2C%22cost%22%3A0.001520229%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22f56ea891-eed0-49cb-87d4-dbfbde14b0f9%22%7D%5D%2C%22unit_id%22%3A7477%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 22 Nov 2021 01:48:40 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
2660788370370806322
tpc.googlesyndication.com/simgad/ Frame FD6D 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2660788370370806322?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnyzTO5OgjL1dmxHtctqCthCT5C0A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2650045471&adf=18290415&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719969&bpp=13&bdt=530&idt=145&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=4057439318443&frm=20&pv=2&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQg06j2B94&p=https%3A//www.newsx.icu&dtd=164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f5dc42b062c53c5ed93a7bc7f7db35866380d1cb7bd2022e6a6c646e064e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:00:51 GMT
x-content-type-options
nosniff
age
240469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58555
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 09:20:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Nov 2022 07:00:51 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame FD6D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2650045471&adf=18290415&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719969&bpp=13&bdt=530&idt=145&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=4057439318443&frm=20&pv=2&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQg06j2B94&p=https%3A//www.newsx.icu&dtd=164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1028
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:31:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FD6D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2650045471&adf=18290415&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719969&bpp=13&bdt=530&idt=145&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=4057439318443&frm=20&pv=2&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQg06j2B94&p=https%3A//www.newsx.icu&dtd=164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:33:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD6D 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2650045471&adf=18290415&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719969&bpp=13&bdt=530&idt=145&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=4057439318443&frm=20&pv=2&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQg06j2B94&p=https%3A//www.newsx.icu&dtd=164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Nov 2021 01:48:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FD6D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2650045471&adf=18290415&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719969&bpp=13&bdt=530&idt=145&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=4057439318443&frm=20&pv=2&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQg06j2B94&p=https%3A//www.newsx.icu&dtd=164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1884
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:17:16 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FD6D 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2650045471&adf=18290415&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719969&bpp=13&bdt=530&idt=145&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=4057439318443&frm=20&pv=2&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQg06j2B94&p=https%3A//www.newsx.icu&dtd=164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 23:04:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11327
x-xss-protection
0
server
cafe
etag
10656063359522146397
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Dec 2021 23:04:25 GMT
init
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/init?token=eWEYhLk95RjlMjcy&url=https%3A%2F%2Fwww.newsx.icu%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.newsx.icu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
vary
Origin
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
x-content-type-options
nosniff
access-control-max-age
1728000
access-control-allow-origin
https://www.newsx.icu
access-control-allow-credentials
true
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-server
back13
date
Mon, 22 Nov 2021 01:48:40 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
ext_cfgs
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/ext_cfgs?token=eWEYhLk95RjlMjcy&url=https%3A%2F%2Fwww.newsx.icu%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.newsx.icu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
date
Mon, 22 Nov 2021 01:48:40 GMT
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-content-type-options
nosniff
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-allow-origin
https://www.newsx.icu
access-control-allow-credentials
true
x-server
back17
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-max-age
1728000
vary
Origin
strict-transport-security
max-age=5184000; includeSubdomains;
css
fonts.googleapis.com/ Frame 717E 		6 KB
743 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2666742100&adf=1421234867&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719990&bpp=4&bdt=551&idt=171&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gp2NgYJCx4&p=https%3A//www.newsx.icu&dtd=174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Nov 2021 00:02:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Nov 2021 01:48:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Nov 2021 01:48:40 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 717E 		1 KB
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2666742100&adf=1421234867&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719990&bpp=4&bdt=551&idt=171&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gp2NgYJCx4&p=https%3A//www.newsx.icu&dtd=174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:28:01 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 717E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2666742100&adf=1421234867&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719990&bpp=4&bdt=551&idt=171&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gp2NgYJCx4&p=https%3A//www.newsx.icu&dtd=174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1028
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:31:32 GMT
css
fonts.googleapis.com/ Frame B6D8 		3 KB
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu_Footer_728x90&adk=2068224291&adf=4261181915&pi=t.ma~as.www.newsx.icu_Foote_&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720000&bpp=19&bdt=560&idt=180&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sJHc9YquGu&p=https%3A//www.newsx.icu&dtd=189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Nov 2021 00:07:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Nov 2021 01:48:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Nov 2021 01:48:40 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B6D8 		1 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu_Footer_728x90&adk=2068224291&adf=4261181915&pi=t.ma~as.www.newsx.icu_Foote_&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720000&bpp=19&bdt=560&idt=180&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sJHc9YquGu&p=https%3A//www.newsx.icu&dtd=189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:28:01 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame B6D8 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu_Footer_728x90&adk=2068224291&adf=4261181915&pi=t.ma~as.www.newsx.icu_Foote_&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720000&bpp=19&bdt=560&idt=180&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sJHc9YquGu&p=https%3A//www.newsx.icu&dtd=189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1028
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:31:32 GMT
css
fonts.googleapis.com/ Frame 1C79 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu&adk=3622811730&adf=2024069794&pi=t.ma~as.www.newsx.icu&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720022&bpp=5&bdt=582&idt=198&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGnRznAg9k&p=https%3A//www.newsx.icu&dtd=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Nov 2021 00:03:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Nov 2021 01:48:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Nov 2021 01:48:40 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1C79 		1 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu&adk=3622811730&adf=2024069794&pi=t.ma~as.www.newsx.icu&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720022&bpp=5&bdt=582&idt=198&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGnRznAg9k&p=https%3A//www.newsx.icu&dtd=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:28:01 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 1C79 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu&adk=3622811730&adf=2024069794&pi=t.ma~as.www.newsx.icu&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720022&bpp=5&bdt=582&idt=198&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGnRznAg9k&p=https%3A//www.newsx.icu&dtd=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1028
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:31:32 GMT
app_index.3907564f7e57a77dd080.js
relap.io/v7/ Frame AC2B 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/v7/app_index.3907564f7e57a77dd080.js
Requested by
Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
2eb15f3d35f4869848afdbad2a2808b48e855def243b89f8c3b50ba8ecbedfc7
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
last-modified
Fri, 19 Nov 2021 14:47:29 GMT
server
nginx
etag
"6197b901-1fcd"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
8141
expires
Wed, 22 Dec 2021 01:48:40 GMT
init
relap.io/api/v7/ Frame AC2B 		49 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/init?token=eWEYhLk95RjlMjcy&url=https%3A%2F%2Fwww.newsx.icu%2F
Requested by
Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
cb9dc389f8f137f6dc0208567b87a6c5dab1a4c68b138530b7fa2ab6d82227e9
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsx.icu
x-relap-cookie
rlprp=fRq3RQ:7CjO0A
cache-control
max-age=1, no-cache
x-server
back19
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
ext_cfgs
relap.io/api/v7/ Frame AC2B 		496 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/ext_cfgs?token=eWEYhLk95RjlMjcy&url=https%3A%2F%2Fwww.newsx.icu%2F
Requested by
Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
b51e7d599a10319d0ef5af15255e518b4b9451a07355ded452c786590fd045e6
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
content-length
496
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsx.icu
cache-control
max-age=1, no-cache
x-server
back17
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 717E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2666742100&adf=1421234867&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719990&bpp=4&bdt=551&idt=171&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gp2NgYJCx4&p=https%3A//www.newsx.icu&dtd=174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:33:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 717E 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2666742100&adf=1421234867&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719990&bpp=4&bdt=551&idt=171&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gp2NgYJCx4&p=https%3A//www.newsx.icu&dtd=174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Nov 2021 01:48:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 717E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2666742100&adf=1421234867&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719990&bpp=4&bdt=551&idt=171&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gp2NgYJCx4&p=https%3A//www.newsx.icu&dtd=174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1884
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:17:16 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame 717E 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2666742100&adf=1421234867&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719990&bpp=4&bdt=551&idt=171&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gp2NgYJCx4&p=https%3A//www.newsx.icu&dtd=174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 11:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 11:25:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B6D8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu_Footer_728x90&adk=2068224291&adf=4261181915&pi=t.ma~as.www.newsx.icu_Foote_&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720000&bpp=19&bdt=560&idt=180&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sJHc9YquGu&p=https%3A//www.newsx.icu&dtd=189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:33:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B6D8 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu_Footer_728x90&adk=2068224291&adf=4261181915&pi=t.ma~as.www.newsx.icu_Foote_&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720000&bpp=19&bdt=560&idt=180&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sJHc9YquGu&p=https%3A//www.newsx.icu&dtd=189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Nov 2021 01:48:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B6D8 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu_Footer_728x90&adk=2068224291&adf=4261181915&pi=t.ma~as.www.newsx.icu_Foote_&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720000&bpp=19&bdt=560&idt=180&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sJHc9YquGu&p=https%3A//www.newsx.icu&dtd=189
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1884
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:17:16 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame B6D8 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu_Footer_728x90&adk=2068224291&adf=4261181915&pi=t.ma~as.www.newsx.icu_Foote_&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720000&bpp=19&bdt=560&idt=180&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sJHc9YquGu&p=https%3A//www.newsx.icu&dtd=189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 11:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 11:25:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1C79 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu&adk=3622811730&adf=2024069794&pi=t.ma~as.www.newsx.icu&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720022&bpp=5&bdt=582&idt=198&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGnRznAg9k&p=https%3A//www.newsx.icu&dtd=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:33:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1C79 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu&adk=3622811730&adf=2024069794&pi=t.ma~as.www.newsx.icu&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720022&bpp=5&bdt=582&idt=198&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGnRznAg9k&p=https%3A//www.newsx.icu&dtd=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Nov 2021 01:48:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1C79 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu&adk=3622811730&adf=2024069794&pi=t.ma~as.www.newsx.icu&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720022&bpp=5&bdt=582&idt=198&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGnRznAg9k&p=https%3A//www.newsx.icu&dtd=200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1884
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 01:17:16 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame 1C79 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu&adk=3622811730&adf=2024069794&pi=t.ma~as.www.newsx.icu&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720022&bpp=5&bdt=582&idt=198&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGnRznAg9k&p=https%3A//www.newsx.icu&dtd=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 11:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 11:25:57 GMT
prebid-between-5.19.0.js
cdn-rtb.sape.ru/js/prebid/ Frame 4A1A 		182 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-rtb.sape.ru/js/prebid/prebid-between-5.19.0.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/309/2/122309.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.181.171.233 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
asrv233.qwarta.ru
Software
openresty /
Resource Hash
005dae70297e564c263b5ba0765ef45701a11dcc95c8b2f27b0859f8118cba5f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
last-modified
Wed, 27 Oct 2021 11:35:46 GMT
server
openresty
x-amz-request-id
16B9BB282C5957CB
etag
"504d41f6ad861ff04561571042afa239"
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
date
Mon, 22 Nov 2021 01:48:40 GMT
access-control-allow-credentials
true
content-length
186176
accept-ranges
bytes
3
www.acint.net/pxl/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/3?dp=68&id=122309.685473.163688262.0.1.112&sid=619af6f7-fced-90ot-grd4-ay9c5wz3uksq&ref=https%3A%2F%2Fwww.newsx.icu%2F&r=1637545721
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/pxl/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/1?dp=7&id=122309.685473.163688265.0.4.183&sid=619af6f7-fced-90ot-grd4-ay9c5wz3uksq&ref=https%3A%2F%2Fwww.newsx.icu%2F&r=1637545721
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/ Frame 87F2 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/tiny-slider.css
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/data/iframe/39114/desktop/609e32e18b576632b9e21920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudfastads.ru/data/iframe/39114/desktop/609e32e18b576632b9e21920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1143233
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
573
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-882"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8ed0DBiDg8KFyI9Jhn%2FIJUv5I8ambXvs09hey%2F%2FxvaeHhqWP65YuFZ6L5e0Cwn0EfwCSguYBG3Tml2Y0UtuYi0DRh3n17DJAWjSUy%2Fp%2F2tTRxGYVTDf6RTPoVF8G1HY6gUbxNib9BfdmGZiDuJ2P6CX"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b1e7f32c9b159b9-MXP
expires
Sat, 12 Nov 2022 01:48:40 GMT
css
fonts.googleapis.com/ Frame 87F2 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/data/iframe/39114/desktop/609e32e18b576632b9e21920
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudfastads.ru/data/iframe/39114/desktop/609e32e18b576632b9e21920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Nov 2021 01:48:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Nov 2021 01:48:40 GMT
openplayer.min.css
cdn.jsdelivr.net/npm/openplayerjs@1.16.9/dist/ Frame 87F2 		70 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/openplayerjs@1.16.9/dist/openplayer.min.css
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/data/iframe/39114/desktop/609e32e18b576632b9e21920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5fbf3809ed1ab50c30ecc23c624baa3fff69c9719c79c923f0f4f5cff079f38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cloudfastads.ru/data/iframe/39114/desktop/609e32e18b576632b9e21920
Origin
https://cloudfastads.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2347812
x-jsd-version
1.16.9
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19168-FRA, cache-mxp6977-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"11621-yg3XYBhVRGXjbc1WIfxGlAXb8zg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6b1e7f32db443761-MXP
2076313506083323656
tpc.googlesyndication.com/simgad/14081101461456081315/ Frame 717E 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14081101461456081315/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2666742100&adf=1421234867&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719990&bpp=4&bdt=551&idt=171&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gp2NgYJCx4&p=https%3A//www.newsx.icu&dtd=174
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
834b1142ec0d26fc2f5d5b5b56d71758f30c95627b5a6118da0a9a3539c2a155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 00:56:33 GMT
x-content-type-options
nosniff
age
3127
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14428
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 11:09:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 22 Nov 2022 00:56:33 GMT
truncated
/ Frame 717E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec6d0575130f58a6b63f1fd6654c1487aae416032a3d9e517e1ee42c4cad2ccc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
processor.js
tag.digitaltarget.ru/ Frame 4915 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/processor.js?i=991945096358362
Requested by
Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Last-Modified
Tue, 16 Nov 2021 09:48:09 GMT
Server
nginx
ETag
"61937e59-3cda"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15578
css
fonts.googleapis.com/ Frame 87F2 		6 KB
686 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap&subset=cyrillic
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/css/inner.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2eb3c6f7141618152e18ea9aa0065e841b51393c426c673ab4ba69aa948b8eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudfastads.ru/css/inner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Nov 2021 01:48:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Nov 2021 01:48:40 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame CE9C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2650045471&adf=18290415&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719969&bpp=13&bdt=530&idt=145&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=4057439318443&frm=20&pv=2&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQg06j2B94&p=https%3A//www.newsx.icu&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2650045471&adf=18290415&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719969&bpp=13&bdt=530&idt=145&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=4057439318443&frm=20&pv=2&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQg06j2B94&p=https%3A//www.newsx.icu&dtd=164

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 22 Nov 2021 01:02:14 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2786
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
mirtesen.ru/cookiematching/ 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mirtesen.ru/cookiematching/?payload=CkUKB19zbV91aWQSJGFlODFjNDZmLWY4YzQtNGVlMS1iOTM5LTFmMDFmNmQxM2E5MRoMLm1pcnRlc2VuLnJ1IgEvKIDnhA8KLgoHX3NtX3VkdBINMTYzNzU0NTcyMDAxNRoMLm1pcnRlc2VuLnJ1IgEvKIDnhA8KQwoHX3NtX3NpZBIkZTE0NDhmNjUtYzJiMi00MmY1LWIzZTctZmQyMGZhZTdkOGJlGgwubWlydGVzZW4ucnUiAS8oiA4%3D&rnd=1637545720775
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.131.27.117 , Russian Federation, ASN49063 (DTLN, RU),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-UPSTREAM-Address
5.188.198.130:80
Pragma
no-cache, no-cache
Date
Mon, 22 Nov 2021 01:48:40 GMT
Last-Modified
Monday, 22-Nov-2021 01:48:40 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Mon, 22 Nov 2021 01:48:40 GMT
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.sselp1.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Mon, 22 Nov 2021 01:48:40 GMT
Server
nginx
Connection
keep-alive
adpdigital
px.adhigh.net/p/cm/ 		49 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/adpdigital
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.232.148.142 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp3.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
x-backend-id
f3-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FF8F69A616407AA33022B39D2
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Mon, 22 Nov 2021 01:48:40 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FF8F69A616407AA33022B39D2
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FF8F69A616407AA33022B39D2
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FF8F69A616407AA33022B39D2
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Mon, 22 Nov 2021 01:48:40 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FF8F69A616407AA33022B39D2
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
1713983_2116.jpeg
img.adpartner.pro/1713/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/1713/1713983_2116.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Simferopol, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
385fba270bb5fa0c166b64f7e2179e14439a26fcd2395446a86cbaf46961181d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Fri, 16 Jul 2021 09:06:29 GMT
server
nginx
etag
"60f14c15-cd06"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
52486
1965011_2116.jpeg
img.adpartner.pro/1965/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/1965/1965011_2116.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Simferopol, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
45c00b6a5f381a06a09d69c736981c5520bafaa606c1461ad0e9a5ca49c92ed5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Tue, 31 Aug 2021 17:49:21 GMT
server
nginx
etag
"612e6ba1-d1c1"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
53697
1567037_2116.jpeg
img.adpartner.pro/1567/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/1567/1567037_2116.jpeg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Simferopol, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
eaed0d80d78c99467dddf29d878804cc23aa56ff42508c5c93293ffc6a27738d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Wed, 31 Mar 2021 09:29:58 GMT
server
nginx
etag
"60644116-79b7"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
31159
logo_left.gif
file.adpartner.pro/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/logo_left.gif
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Simferopol, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
last-modified
Thu, 24 Jan 2019 09:25:42 GMT
server
nginx
etag
"5c498496-a79"
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
2681
setuid
hbbond.com/
Redirect Chain
  • https://s.uuidksinc.net/match/1/?cb_url=https%3A%2F%2Fhbbond.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent=
  • https://hbbond.com/setuid?cLkVhHOOWa5W5U7uOEky
74 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbbond.com/setuid?cLkVhHOOWa5W5U7uOEky
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Server
185.98.54.153 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png

Redirect headers

location
https://hbbond.com/setuid?cLkVhHOOWa5W5U7uOEky
date
Mon, 22 Nov 2021 01:48:40 GMT
server
nginx/1.19.0
content-length
0
truncated
/ Frame 717E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ac46a2fdf1098c76d478fab726c955adf174b277e92ad8e5aa632ff09f20493

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 07D4 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu_Footer_728x90&adk=2068224291&adf=4261181915&pi=t.ma~as.www.newsx.icu_Foote_&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720000&bpp=19&bdt=560&idt=180&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sJHc9YquGu&p=https%3A//www.newsx.icu&dtd=189
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu_Footer_728x90&adk=2068224291&adf=4261181915&pi=t.ma~as.www.newsx.icu_Foote_&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720000&bpp=19&bdt=560&idt=180&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sJHc9YquGu&p=https%3A//www.newsx.icu&dtd=189

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 22 Nov 2021 01:02:14 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2786
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B6D8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9350c6ca375d3e7d5d8beadea42ca09797d95a5ddc7837360e26e27312821ddb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 689C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu&adk=3622811730&adf=2024069794&pi=t.ma~as.www.newsx.icu&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720022&bpp=5&bdt=582&idt=198&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGnRznAg9k&p=https%3A//www.newsx.icu&dtd=200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu&adk=3622811730&adf=2024069794&pi=t.ma~as.www.newsx.icu&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720022&bpp=5&bdt=582&idt=198&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGnRznAg9k&p=https%3A//www.newsx.icu&dtd=200

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 22 Nov 2021 01:02:14 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2786
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1C79 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6da6a851817c55ca9dd7b00f9328af105181603a0219e68b9180f22f4f8d200f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 717E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 15:45:42 GMT
x-content-type-options
nosniff
age
381778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 17 Nov 2022 15:45:42 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 717E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:07:55 GMT
x-content-type-options
nosniff
age
452445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 20:07:55 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 717E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 11:22:37 GMT
x-content-type-options
nosniff
age
397563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 17 Nov 2022 11:22:37 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame B6D8 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:07:29 GMT
x-content-type-options
nosniff
age
452471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 20:07:29 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame B6D8 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:56:24 GMT
x-content-type-options
nosniff
age
485536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 10:56:24 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 1C79 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:07:29 GMT
x-content-type-options
nosniff
age
452471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 20:07:29 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 1C79 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:56:24 GMT
x-content-type-options
nosniff
age
485536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 10:56:24 GMT
truncated
/ Frame FD6D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
942227a320d4cd737b226ec3672fa4474d06129f1e509ae4b790cfb9c31d39ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
if
a4p.adpartner.pro/tracker/ Frame 580A 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1713983%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22fa09542d-003f-4489-9c8c-03934e982aec%22%7D%2C%7B%22ad_id%22%3A1965011%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22d26b98f2-d711-45fe-90d2-ca57a6d22885%22%7D%2C%7B%22ad_id%22%3A1567037%2C%22cost%22%3A0.001587134%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ea06810e-36cc-4e6c-91f8-711de7107062%22%7D%5D%2C%22unit_id%22%3A7476%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 22 Nov 2021 01:48:40 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 85C7 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1713983%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22fa09542d-003f-4489-9c8c-03934e982aec%22%7D%2C%7B%22ad_id%22%3A1965011%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22d26b98f2-d711-45fe-90d2-ca57a6d22885%22%7D%2C%7B%22ad_id%22%3A1567037%2C%22cost%22%3A0.001587134%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ea06810e-36cc-4e6c-91f8-711de7107062%22%7D%5D%2C%22unit_id%22%3A7476%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 22 Nov 2021 01:48:40 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
vendor.70a5e16820b6b0a388e3.js
relap.io/v7/ Frame AC2B 		373 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Requested by
Host: relap.io
URL: https://relap.io/v7/app_index.3907564f7e57a77dd080.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
4efc7bae0f267c675c4cce712fd7b6dd7d69528899330340228259013376ba64
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
last-modified
Fri, 19 Nov 2021 14:47:29 GMT
server
nginx
etag
"6197b901-18678"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
99960
expires
Wed, 22 Dec 2021 01:48:40 GMT
common_core.9d088340d7cfe344cddc.js
relap.io/v7/ Frame AC2B 		252 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/v7/common_core.9d088340d7cfe344cddc.js
Requested by
Host: relap.io
URL: https://relap.io/v7/app_index.3907564f7e57a77dd080.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
6823dea10949344170cc602ab77daa8e267c3939427e6956318aa4cea3b5b36d
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
last-modified
Fri, 19 Nov 2021 14:47:29 GMT
server
nginx
etag
"6197b901-dd64"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
56676
expires
Wed, 22 Dec 2021 01:48:40 GMT
app.443b72c76e8761dcbe23.js
relap.io/v7/ Frame AC2B 		69 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/v7/app.443b72c76e8761dcbe23.js
Requested by
Host: relap.io
URL: https://relap.io/v7/app_index.3907564f7e57a77dd080.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
696847d4fee1e6e28b4687a7c113f1f20067af307bf90b491ac114f3b5bf2f44
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:40 GMT
content-encoding
br
last-modified
Fri, 19 Nov 2021 14:47:29 GMT
server
nginx
etag
"6197b901-1df6"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
7670
expires
Wed, 22 Dec 2021 01:48:40 GMT
1
mc.yandex.com/watch/78735630/
Redirect Chain
  • https://mc.yandex.com/watch/78735630?wmode=7&page-url=https%3A%2F%2Fwww.newsx.icu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A523%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
  • https://mc.yandex.com/watch/78735630/1?wmode=7&page-url=https%3A%2F%2Fwww.newsx.icu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A523%3Afu%3A0%3Aen%3Autf-8%3Ala%...
331 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/78735630/1?wmode=7&page-url=https%3A%2F%2Fwww.newsx.icu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A523%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A485688638279%3Ahid%3A33808764%3Az%3A0%3Ai%3A20211122014840%3Aet%3A1637545720%3Ac%3A1%3Arn%3A221428796%3Arqn%3A1%3Au%3A163754572037036827%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637545718968%3Ads%3A0%2C0%2C194%2C1%2C249%2C0%2C%2C616%2C20%2C%2C%2C%2C1088%3Adsn%3A0%2C0%2C195%2C1%2C250%2C0%2C%2C617%2C20%2C%2C%2C%2C1088%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637545721%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20NewsX.icu&t=gdpr%2814%29ti%282%29
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
df5d737eb54936b7e366e737f4c0f2df5d5dce3048b82eea05104582fac1180d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 22-Nov-2021 01:48:41 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsx.icu
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Mon, 22-Nov-2021 01:48:41 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:41 GMT
last-modified
Mon, 22-Nov-2021 01:48:41 GMT
location
/watch/78735630/1?wmode=7&page-url=https%3A%2F%2Fwww.newsx.icu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A523%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A485688638279%3Ahid%3A33808764%3Az%3A0%3Ai%3A20211122014840%3Aet%3A1637545720%3Ac%3A1%3Arn%3A221428796%3Arqn%3A1%3Au%3A163754572037036827%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637545718968%3Ads%3A0%2C0%2C194%2C1%2C249%2C0%2C%2C616%2C20%2C%2C%2C%2C1088%3Adsn%3A0%2C0%2C195%2C1%2C250%2C0%2C%2C617%2C20%2C%2C%2C%2C1088%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637545721%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20NewsX.icu&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.newsx.icu
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 22-Nov-2021 01:48:41 GMT
adjson
ads.betweendigital.com/ Frame 4A1A 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/js/prebid/prebid-between-5.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsx.icu
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
truncated
/ Frame 87F2 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bde433cd26474d8a5b0177e8e381fa0bd45705dac9373ad1b00d2485070277e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 87F2 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 87F2 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cloudfastads.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 20 Nov 2021 12:42:17 GMT
x-content-type-options
nosniff
age
133584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 20 Nov 2022 12:42:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 87F2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cloudfastads.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 15:45:42 GMT
x-content-type-options
nosniff
age
381779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 17 Nov 2022 15:45:42 GMT
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame 0BF7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2666742100&adf=1421234867&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719990&bpp=4&bdt=551&idt=171&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gp2NgYJCx4&p=https%3A//www.newsx.icu&dtd=174
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 19:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
23302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 21 Nov 2022 19:20:19 GMT
matchx.html
uuidksinc.net/ Frame 8BFB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uuidksinc.net/matchx.html?gdpr=0&gdpr_consent=
Requested by
Host: hbbond.com
URL: https://hbbond.com/pql79m.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
661241ddacc59ad99482ffaf821daf5bd47ead675f4dc90be590c60f1e70fd3f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

server
nginx/1.19.0
date
Mon, 22 Nov 2021 01:48:41 GMT
content-type
text/html
last-modified
Thu, 18 Nov 2021 15:45:22 GMT
vary
Accept-Encoding
etag
W/"61967512-1440"
expires
Mon, 22 Nov 2021 02:03:41 GMT
cache-control
max-age=900 public
content-encoding
gzip
79316371
mc.yandex.com/watch/ 		331 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/79316371?wmode=7&page-url=https%3A%2F%2Fwww.newsx.icu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A523%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A4%3Adp%3A1%3Als%3A439194324438%3Ahid%3A33808764%3Az%3A0%3Ai%3A20211122014841%3Aet%3A1637545721%3Ac%3A1%3Arn%3A6655633%3Arqn%3A1%3Au%3A163754572037036827%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637545718968%3Ads%3A0%2C0%2C194%2C1%2C249%2C0%2C%2C616%2C20%2C%2C%2C%2C1088%3Adsn%3A0%2C0%2C195%2C1%2C250%2C0%2C%2C617%2C20%2C%2C%2C%2C1088%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637545721%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20NewsX.icu&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
cee34f1bf2477b1c4f7343eb48e7fc142bab20a6b1659fbc66c66e40ac00cf65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 22-Nov-2021 01:48:41 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsx.icu
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Mon, 22-Nov-2021 01:48:41 GMT
1
www.acint.net/rtbw/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A122309%2C%22sc%22%3A0%2C%22pl%22%3A685473%2C%22ev%22%3A%22vis100%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=619af6f7-fced-90ot-grd4-ay9c5wz3uksq&ref=https%3A%2F%2Fwww.newsx.icu%2F&r=1637545721
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:41 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
frame.js
s3.advarkads.com/modules/match/ Frame 2D06 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.advarkads.com/modules/match/frame.js
Requested by
Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FF8F69A616407AA33022B39D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5a0f4fa617d5d9940c099afe919047ba8e53e171df11a2dd7afd3e3eb53c230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FF8F69A616407AA33022B39D2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:41 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 16:55:30 GMT
server
cloudflare
etag
"fe168af540c4d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
cf-ray
6b1e7f35cf3f0f6e-MXP
content-length
9195
i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 4915
Redirect Chain
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=649414536452441.820941814569619&a=77&e=0100007FF8F69A616407AA33022B39D2&pref=https%3A%2F%2Fwww.newsx.icu%2F&c=ss:77.up:0100007FF8F69A616407AA33022B39D2.syn...
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=649414536452441.820941814569619&a=77&e=0100007FF8F69A616407AA33022B39D2&pref=https%3A%2F%2Fwww.newsx.icu%2F&c=ss:77.up:0100007FF8F...
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=649414536452441.820941814569619&a=77&e=0100007FF8F69A616407AA33022B39D2&pref=https%3A%2F%2Fwww.newsx.icu%2F&c=ss:77.up:0100007FF8F69A616407AA33022B39D2.sync:up.xdua:duSVp2_mUMR_eC6T203JdKyb.xps:xpswMBMtKa_Uso66RgXv5V0ua.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Server
185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
2
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=649414536452441.820941814569619&a=77&e=0100007FF8F69A616407AA33022B39D2&pref=https%3A%2F%2Fwww.newsx.icu%2F&c=ss:77.up:0100007FF8F69A616407AA33022B39D2.sync:up.xdua:duSVp2_mUMR_eC6T203JdKyb.xps:xpswMBMtKa_Uso66RgXv5V0ua.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 4915
Redirect Chain
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=649414536452441.616589028583477&a=77&e=0100007FF8F69A616407AA33022B39D2&pref=https%3A%2F%2Fwww.newsx.icu%2F&c=ss:77.up:0100007FF8F69A616407AA33022B39D2.syn...
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=649414536452441.616589028583477&a=77&e=0100007FF8F69A616407AA33022B39D2&pref=https%3A%2F%2Fwww.newsx.icu%2F&c=ss:77.up:0100007FF8F...
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=649414536452441.616589028583477&a=77&e=0100007FF8F69A616407AA33022B39D2&pref=https%3A%2F%2Fwww.newsx.icu%2F&c=ss:77.up:0100007FF8F69A616407AA33022B39D2.sync:up.xdua:duSVp2_mUMR_eC6T203JdKyb.xps:xpswMBMtKa_Uso66RgXv5V0ua.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Server
185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
5
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=649414536452441.616589028583477&a=77&e=0100007FF8F69A616407AA33022B39D2&pref=https%3A%2F%2Fwww.newsx.icu%2F&c=ss:77.up:0100007FF8F69A616407AA33022B39D2.sync:up.xdua:duSVp2_mUMR_eC6T203JdKyb.xps:xpswMBMtKa_Uso66RgXv5V0ua.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
metrics
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/metrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.newsx.icu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
access-control-allow-origin
https://www.newsx.icu
vary
Origin
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
x-server
web12
date
Mon, 22 Nov 2021 01:48:41 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-content-type-options
nosniff
access-control-max-age
1728000
strict-transport-security
max-age=5184000; includeSubdomains;
metrics
relap.io/api/v7/ Frame AC2B 		2 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/metrics
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Nov 2021 01:48:41 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
content-length
2
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsx.icu
cache-control
max-age=1, no-cache
x-server
back02
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
abp.gif
relap.io/ Frame AC2B 		43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://relap.io/abp.gif?ch=1&rn=0.09947228302973166
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:41 GMT
last-modified
Wed, 21 Apr 2021 14:05:03 GMT
server
nginx
etag
"6080310f-2b"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
accept-ranges
bytes
content-length
43
abp.gif
relap.io/ Frame AC2B 		43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://relap.io/abp.gif?ch=2&rn=0.09947228302973166
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:41 GMT
last-modified
Wed, 21 Apr 2021 14:05:03 GMT
server
nginx
etag
"6080310f-2b"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
accept-ranges
bytes
content-length
43
supersync
sync.1dmp.io/ Frame 5BF4
Redirect Chain
  • https://sync.1dmp.io/supersync?pid=w&o=ns&cid=d532925e-370a-4913-9238-e8b91206247f&brid=3fdc8267-2323-4ff5-80fe-dc2813a9742e&uid=LDX2xZGT
  • https://sync.1dmp.io/supersync?t=51bada40-4b36-11ec-9752-901b0e8d9836
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.1dmp.io/supersync?t=51bada40-4b36-11ec-9752-901b0e8d9836
Requested by
Host: relap.io
URL: https://relap.io/v7/common_core.9d088340d7cfe344cddc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-214-77.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

server
nginx
date
Mon, 22 Nov 2021 01:48:41 GMT

Redirect headers

server
nginx
date
Mon, 22 Nov 2021 01:48:41 GMT
content-length
0
expires
0
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
location
/supersync?t=51bada40-4b36-11ec-9752-901b0e8d9836
score.min.js
js.ad-score.com/ 		310 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000793
Requested by
Host: relap.io
URL: https://relap.io/v7/common_core.9d088340d7cfe344cddc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cc573b6b158da1a2873b8d2c5947f2546d9efb2664f212eb904900dca61082b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 21 Nov 2021 18:43:57 GMT
Content-Encoding
gzip
Age
25484
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Sun, 21 Nov 2021 18:43:57 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA6-C1
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
o8S0oYFk4QQv5H0E8FKBrsS7zxuEKZTqsUipJ5sVfmzUWrO2ThqWsw==
Expires
Mon, 22 Nov 2021 18:43:57 GMT
altergeocs
relap.io/partners/ Frame AC2B
Redirect Chain
  • https://cm.p.altergeo.ru/relap?aid=LDX2xZGT&nc=B162Oa4V&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D
  • https://relap.io/partners/altergeocs?uid=CM2sKRdbtiTXuQxqyKntBMuQ==
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://relap.io/partners/altergeocs?uid=CM2sKRdbtiTXuQxqyKntBMuQ==
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:41 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-server
back16
content-length
43
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Redirect headers

Pragma
no-cache
Date
Mon, 22 Nov 2021 01:48:41 GMT
Server
nginx/1.16.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://relap.io/partners/altergeocs?uid=CM2sKRdbtiTXuQxqyKntBMuQ==
Cache-Control
max-age=0, no-cache, no-store
Connection
close
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
counter
top-fwz1.mail.ru/ Frame AC2B 		43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter?id=3136989;js=na
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:41 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
87786.34ecd97d72e7251112eb.js
relap.io/v7/ Frame AC2B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/v7/87786.34ecd97d72e7251112eb.js
Requested by
Host: relap.io
URL: https://relap.io/v7/app_index.3907564f7e57a77dd080.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
e7f983ddb5efb2673e542fe79bcf58641aee5b4a13b0902106d4a04b4cc776eb
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:41 GMT
content-encoding
br
last-modified
Fri, 19 Nov 2021 14:47:29 GMT
server
nginx
etag
"6197b901-382"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
898
expires
Wed, 22 Dec 2021 01:48:41 GMT
79316371
mc.yandex.com/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/79316371?page-url=goal%3A%2F%2Fwww.newsx.icu%2Fcsok&page-ref=https%3A%2F%2Fwww.newsx.icu%2F&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A4%3Adp%3A1%3Als%3A439194324438%3Ahid%3A33808764%3Az%3A0%3Ai%3A20211122014841%3Aet%3A1637545721%3Ac%3A1%3Arn%3A925532972%3Arqn%3A2%3Au%3A163754572037036827%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637545718968%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637545721%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20NewsX.icu&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:41 GMT
last-modified
Mon, 22-Nov-2021 01:48:41 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.newsx.icu
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 22-Nov-2021 01:48:41 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CE9C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2650045471&adf=18290415&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719969&bpp=13&bdt=530&idt=145&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=4057439318443&frm=20&pv=2&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQg06j2B94&p=https%3A//www.newsx.icu&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 22 Nov 2021 01:48:41 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 22 Nov 2021 01:48:41 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 22 Nov 2021 01:48:41 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 07D4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu_Footer_728x90&adk=2068224291&adf=4261181915&pi=t.ma~as.www.newsx.icu_Foote_&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720000&bpp=19&bdt=560&idt=180&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sJHc9YquGu&p=https%3A//www.newsx.icu&dtd=189
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 22 Nov 2021 01:48:41 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 22 Nov 2021 01:48:41 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 22 Nov 2021 01:48:41 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame 07A8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.newsx.icu&adk=2650045471&adf=18290415&pi=t.ma~as.www.newsx.icu&w=300&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545719969&bpp=13&bdt=530&idt=145&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=4057439318443&frm=20&pv=2&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1030&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQg06j2B94&p=https%3A//www.newsx.icu&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 19:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
23302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 21 Nov 2022 19:20:19 GMT
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame 0CB7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu_Footer_728x90&adk=2068224291&adf=4261181915&pi=t.ma~as.www.newsx.icu_Foote_&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720000&bpp=19&bdt=560&idt=180&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sJHc9YquGu&p=https%3A//www.newsx.icu&dtd=189
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 19:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
23302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 21 Nov 2022 19:20:19 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 689C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu&adk=3622811730&adf=2024069794&pi=t.ma~as.www.newsx.icu&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720022&bpp=5&bdt=582&idt=198&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGnRznAg9k&p=https%3A//www.newsx.icu&dtd=200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 22 Nov 2021 01:48:41 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 22 Nov 2021 01:48:41 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 22 Nov 2021 01:48:41 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame 23F1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.newsx.icu&adk=3622811730&adf=2024069794&pi=t.ma~as.www.newsx.icu&w=728&lmt=1637545720&url=https%3A%2F%2Fwww.newsx.icu%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545720022&bpp=5&bdt=582&idt=198&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&pvsid=2825004556918950&pem=986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGnRznAg9k&p=https%3A//www.newsx.icu&dtd=200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 19:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
23302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 21 Nov 2022 19:20:19 GMT
i
dmg.digitaltarget.ru/awg/custom/6573/i/ Frame 8BFB
Redirect Chain
  • https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=cLkVhHOOWa5W5U7uOEky&i=0.4892005534867625
  • https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=cLkVhHOOWa5W5U7uOEky&i=0.4892005534867625
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=cLkVhHOOWa5W5U7uOEky&i=0.4892005534867625
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
7
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=cLkVhHOOWa5W5U7uOEky&i=0.4892005534867625
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
m
sync.mgid.com/ Frame 8BFB 		43 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mgid.com/m?cdsp=117798&c=cLkVhHOOWa5W5U7uOEky
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b1e7f372b0a7025-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cLkVhHOOWa5W5U7uOEky
fcgi.gnezdo.ru/cookie_matching_ssp/kadam/ Frame 8BFB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi.gnezdo.ru/cookie_matching_ssp/kadam/cLkVhHOOWa5W5U7uOEky
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
match
ads.betweendigital.com/ Frame 8BFB 		68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=38&external_user_id=cLkVhHOOWa5W5U7uOEky
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
kadam
sync.dmp.otm-r.com/match/ Frame 8BFB 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/kadam?id=cLkVhHOOWa5W5U7uOEky
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 Nov 2021 01:48:41 GMT
server
nginx/1.17.4
3f7efbc1a6e64cd5855ece6a5685bf3c
s.uuidksinc.net/match/760/ Frame 8BFB
Redirect Chain
  • https://ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1
  • https://s.uuidksinc.net/match/760/3f7efbc1a6e64cd5855ece6a5685bf3c
74 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/760/3f7efbc1a6e64cd5855ece6a5685bf3c
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html?gdpr=0&gdpr_consent=
Protocol
H2
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:41 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png

Redirect headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://s.uuidksinc.net/match/760/3f7efbc1a6e64cd5855ece6a5685bf3c
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
cLkVhHOOWa5W5U7uOEky
an.yandex.ru/mapuid/kadamis/ Frame 8BFB 		43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/kadamis/cLkVhHOOWa5W5U7uOEky
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:41 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 01:48:41 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 01:48:41 GMT
recs
relap.io/api/v7/ Frame AC2B 		79 B
817 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/recs
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
73842cebdeb43b5b1bdeb2ff4eae5512475a8cfb3f10e972097207968c74b395
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie
rlprp=fRq3RQ:7CjO0A
Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Relap-Unique
YmM5ZjE5

Response headers

date
Mon, 22 Nov 2021 01:48:41 GMT
x-content-type-options
nosniff
access-control-max-age
1728000
vary
Origin
content-length
79
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsx.icu
x-relap-cookie
rlprp=fRq3RQ:7CjO0A
cache-control
max-age=1, no-cache
x-server
back03
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
recs
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/recs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-relap-cookie,x-relap-unique
Origin
https://www.newsx.icu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
access-control-max-age
1728000
x-server
back01
date
Mon, 22 Nov 2021 01:48:41 GMT
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-allow-credentials
true
vary
Origin
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin
https://www.newsx.icu
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
/
ssp-rtb.sape.ru/data/ 		30 B
381 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp-rtb.sape.ru/data/?callback=sapeRTB_619af6f97_63530389&srtbid=122309&scids=163688261&sx=1600&sy=1200&ref=&u=https%3A%2F%2Fwww.newsx.icu%2F&allimps=0&fl=0&v=3&deal=9&tz=%2B00%3A00
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/309/2/122309.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.6.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1359715.sapientru.net
Software
openresty /
Resource Hash
3abf886195af09f97f816ac9271f388faa44cfd444f527bc679491127a85a1dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 01:48:41 GMT
Server
openresty
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
30
Expires
Wed, 19 Apr 2000 11:43:00 GMT
3
www.acint.net/pxl/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/3?dp=7&id=122309.685473.163688265.0.4.183&sid=619af6f7-fced-90ot-grd4-ay9c5wz3uksq&ref=https%3A%2F%2Fwww.newsx.icu%2F&r=1637545721
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:41 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/rtbw/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A122309%2C%22sc%22%3A0%2C%22pl%22%3A685473%2C%22ev%22%3A%22cheap%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=619af6f7-fced-90ot-grd4-ay9c5wz3uksq&ref=https%3A%2F%2Fwww.newsx.icu%2F&r=1637545721
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:41 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
api.advarkads.com/api/statistic/ Frame 2D06 		43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007FF8F69A616407AA33022B39D2
Requested by
Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FF8F69A616407AA33022B39D2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.109.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.18.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.advarkads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Nov 2021 00:49:25 GMT
Server
nginx/1.18.0
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
-1
cors
data.ad-score.com/data/ 		50 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=vHTCHFHDmVlZqXPxMCUfROQGjQlNBQfH-FE7fPshldVrkKD8a3HLLFknBPg==-E0zCO8hla1DhMQ==&pm_ct=999cc2a029c2261707f946ae&pm_pl=1637545721630&pm_td=6&pid=1000793&en=1.1&callback=__pm_glbl_PxEmu9O0geWyQL7AjXkRZgew._gc1&v=bf28c17
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
4000cfa685a292e95e089011ffd189080fac6c7ae7c2af52869c7cae3109bf00

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 Nov 2021 01:48:42 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.newsx.icu
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
50
x.html
js.ad-score.com/ Frame 4801 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?pid=1000793
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000793
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b1dcc4be29c591cd9c70ddd1db3cbc916c29eef9e2aa7a458bfa3dda6bb7ee83

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Encoding
gzip
Last-Modified
Sun, 21 Nov 2021 06:04:47 GMT
Date
Sun, 21 Nov 2021 12:35:06 GMT
X-Cache
Hit from cloudfront
Via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
enqyT1K-dI0QTYFUgzSrgCMVMnWV1vcDHX9l6oqSFFe1xlcvLjKWQA==
Age
47615
truncated
/ Frame 95C0 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
metrics
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/metrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.newsx.icu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-credentials
true
access-control-max-age
1728000
date
Mon, 22 Nov 2021 01:48:41 GMT
vary
Origin
x-server
back02
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-allow-origin
https://www.newsx.icu
strict-transport-security
max-age=5184000; includeSubdomains;
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
metrics
relap.io/api/v7/ Frame AC2B 		2 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/metrics
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
content-length
2
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsx.icu
cache-control
max-age=1, no-cache
x-server
web09
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
9a6f08a1-cac5-4734-a14a-610a127b6a7b
https://www.newsx.icu/ 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.newsx.icu/9a6f08a1-cac5-4734-a14a-610a127b6a7b
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
cors
data.ad-score.com/data/ 		1 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=vHTCHFHDmVlZqXPxMCUfROQGjQlNBQfH-FE7fPshldVrkKD8a3HLLFknBPg==-E0zCO8hla1DhMQ==&pm_ct=999cc2a029c2261707f946ae&pm_pl=1637545721630&pm_td=351&pid=1000793&en=1.1&callback=__pm_glbl_PxEmu9O0geWyQL7AjXkRZgew._gc2&v=bf28c17
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.newsx.icu
Date
Mon, 22 Nov 2021 01:48:42 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
stat
relap.io/api/v7/ Frame AC2B 		2 B
739 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/stat
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie
rlprp=fRq3RQ:7CjO0A
Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Relap-Unique
YmM5ZjE5

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
access-control-max-age
1728000
vary
Origin
content-length
2
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsx.icu
x-relap-cookie
rlprp=fRq3RQ:7CjO0A
cache-control
max-age=1, no-cache
x-server
back23
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
stat
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/stat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-relap-cookie,x-relap-unique
Origin
https://www.newsx.icu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
vary
Origin
date
Mon, 22 Nov 2021 01:48:42 GMT
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-content-type-options
nosniff
access-control-allow-credentials
true
access-control-allow-origin
https://www.newsx.icu
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
x-server
back05
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-max-age
1728000
strict-transport-security
max-age=5184000; includeSubdomains;
activeview
pagead2.googlesyndication.com/pcs/ Frame FD6D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-cQu3tKef3dXvLo1uToor57bB7yrULliGpWLBwDD7Ay6TSrMQ74uNAUlLG2T3Hm95_CQWI1WzLFgxl3ADqxjH6nn-hoUUqbAFfoGJbAK3wAAQIPA-6A&sai=AMfl-YQDNtYnNZOROnMwl7h-BBh6ggIRxGrUSf_5z0gEhPx59-K-Dx_I9JZYyPAkr71MVH4dDQrjFMkPBn09&sig=Cg0ArKJSzC-WVJH51_EsEAE&id=lidar2&mcvt=1153&p=0,0,250,300&mtos=1153,1153,1153,1153,1153&tos=1153,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2650045471&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637545720135&rpt=718&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cors
data.ad-score.com/data/ 		1 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=vHTCHFHDmVlZqXPxMCUfROQGjQlNBQfH-FE7fPshldVrkKD8a3HLLFknBPg==-E0zCO8hla1DhMQ==&pm_ct=999cc2a029c2261707f946ae&pm_pl=1637545721630&pm_td=467&pid=1000793&en=1.1&callback=__pm_glbl_PxEmu9O0geWyQL7AjXkRZgew._gc3&v=bf28c17
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.newsx.icu
Date
Mon, 22 Nov 2021 01:48:42 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
recs
relap.io/api/v7/ Frame AC2B 		79 B
817 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/recs
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
5abf7878a8d7993d3cefb8164048b890a12651cbf851891ed231d74449f229ce
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie
rlprp=fRq3RQ:7CjO0A
Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Relap-Unique
YmM5ZjE5

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
content-length
79
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsx.icu
x-relap-cookie
rlprp=fRq3RQ:7CjO0A
cache-control
max-age=1, no-cache
x-server
back17
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
recs
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/recs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-relap-cookie,x-relap-unique
Origin
https://www.newsx.icu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
access-control-allow-origin
https://www.newsx.icu
date
Mon, 22 Nov 2021 01:48:42 GMT
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-server
web03
x-content-type-options
nosniff
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-max-age
1728000
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=5184000; includeSubdomains;
x.html
js.ad-score.com/ Frame 4801 		0
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?pid=1000793
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?pid=1000793
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.ad-score.com/x.html?pid=1000793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 21 Nov 2021 15:00:16 GMT
Content-Encoding
gzip
Age
47616
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed, 17 Nov 2021 18:26:28 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
Yl_NYrFhG2RAQSQ0S-5-0Bb0KJK-rFEi8jvmhboB-j6IAqmNSp_Q2A==
/
c.adskeeper.com/pv/ 		0
307 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.com/pv/?pv=5&cbuster=1637545722148429885117&uniqId=0c01c&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsx.icu%2F&lu=https%3A%2F%2Fwww.newsx.icu%2F&sessionId=619af6fa-0210d&pageView=1&pvid=17d4554c1259e73b19b&site=746125&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/e/newsx.icu.1232513.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b1e7f3b9dc5360d-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cors
data.ad-score.com/data/ 		1 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=vHTCHFHDmVlZqXPxMCUfROQGjQlNBQfH-FE7fPshldVrkKD8a3HLLFknBPg==-E0zCO8hla1DhMQ==&pm_ct=999cc2a029c2261707f946ae&pm_pl=1637545721630&pm_td=520&pid=1000793&en=1.1&callback=__pm_glbl_PxEmu9O0geWyQL7AjXkRZgew._gc4&v=bf28c17
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.newsx.icu
Date
Mon, 22 Nov 2021 01:48:42 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: www.newsx.icu
URL: https://www.newsx.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
br
cf-cache-status
HIT
age
447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
T5CTK0DJ7M4X76W7
x-amz-id-2
tZIcXHQPIJCYrNihVLS2EWmZXEWJ0Vp4oYRJ6IxCwAs5u+xUYhKRmUQwm6bXHowGp5ZaSaN5FXs=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6b1e7f3bcf8e4aaa-FRA
expires
Mon, 22 Nov 2021 05:48:42 GMT
cors
data.ad-score.com/data/ 		1 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=vHTCHFHDmVlZqXPxMCUfROQGjQlNBQfH-FE7fPshldVrkKD8a3HLLFknBPg==-E0zCO8hla1DhMQ==&pm_ct=999cc2a029c2261707f946ae&pm_pl=1637545721630&pm_td=590&pid=1000793&en=1.1&callback=__pm_glbl_PxEmu9O0geWyQL7AjXkRZgew._gc5&v=bf28c17
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.newsx.icu
Date
Mon, 22 Nov 2021 01:48:42 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
1
servicer.adskeeper.com/1232513/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.com/1232513/1?pv=5&cbuster=163754572223533955172&uniqId=0c01c&niet=4g&nisd=false&jsv=es6&w=540&h=2565&cols=1&ref=&cxurl=https%3A%2F%2Fnewsx.icu%2F&lu=https%3A%2F%2Fwww.newsx.icu%2F&sessionId=619af6fa-0210d&pageView=1&pvid=17d4554c1259e73b19b&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/e/newsx.icu.1232513.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3780f26fe34b124d4aa78b37789ab4a119eaad1784b8715c34ca3b2fc38b2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b1e7f3c2e32360d-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ext_cfgs
relap.io/api/v7/ Frame AC2B 		496 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/ext_cfgs?token=eWEYhLk95RjlMjcy&url=https%3A%2F%2Fwww.newsx.icu%2F
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
1e8bf9aa1773fdb1f9de82eb315964bbe3db68070f41a126922c82bec50326d5
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie
rlprp=fRq3RQ:7CjO0A
Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
content-length
496
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsx.icu
x-relap-cookie
rlprp=fRq3RQ:7CjO0A
cache-control
max-age=1, no-cache
x-server
back16
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
ext_cfgs
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/ext_cfgs?token=eWEYhLk95RjlMjcy&url=https%3A%2F%2Fwww.newsx.icu%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-relap-cookie
Origin
https://www.newsx.icu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
date
Mon, 22 Nov 2021 01:48:42 GMT
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-allow-origin
https://www.newsx.icu
x-server
back23
vary
Origin
access-control-max-age
1728000
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
strict-transport-security
max-age=5184000; includeSubdomains;
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1c0f21ce4cdd7d2503269a02d68ba9085ec5be0769b951854ad8d1c11ac9ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51181
x-xss-protection
0
server
cafe
etag
13346909564979381826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 01:48:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=www.newsx.icu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b643d6a2edb0f9a8a075d3dced28a1bc022df36c576494052c1de6627c432d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9229
x-xss-protection
0
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.sselp1.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Mon, 22 Nov 2021 01:48:42 GMT
Server
nginx
Connection
keep-alive
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/e/newsx.icu.1232513.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
br
cf-cache-status
HIT
age
447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
T5CTK0DJ7M4X76W7
x-amz-id-2
tZIcXHQPIJCYrNihVLS2EWmZXEWJ0Vp4oYRJ6IxCwAs5u+xUYhKRmUQwm6bXHowGp5ZaSaN5FXs=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6b1e7f3cdf7568e6-FRA
expires
Mon, 22 Nov 2021 05:48:42 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzAzM2M5NTc3Y2U1MGE4NmI2NDM4MGQzYjEyMGQyMWNmLmpwZWc.webp
s-img.adskeeper.com/g/6288122/492x277/0x0x1024x682/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/6288122/492x277/0x0x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzAzM2M5NTc3Y2U1MGE4NmI2NDM4MGQzYjEyMGQyMWNmLmpwZWc.webp?v=1637545722-fpgWK6Ux6BybjFQlJmhqDRqZqn2_1cQ8dyQTjl3qoWg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb551c60ccc6d5a5c9967cc7dabeed653c58ae7783ba340f0d18bebc6c3c7e70

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:39 GMT
x-mg-request-uuid
0745e60d-5c7b-4c50-a3e9-56ec486c1f0f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d4af235c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39194
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzI2MzNkNTYzMjgxMjY2ODhjMzUxYTA2ODVjYzRhMjUwLmpwZWc.webp
s-img.adskeeper.com/g/4060554/492x277/96x0x866x577/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/4060554/492x277/96x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzI2MzNkNTYzMjgxMjY2ODhjMzUxYTA2ODVjYzRhMjUwLmpwZWc.webp?v=1637545722-KVel-lfpZQOGXEmZ06bYPFhZZhpVNgeumS9_N5cWnAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12154ae4f04266164ceeaf2ba970276422c0b602ed4953662b0fc29508d38816

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:49:23 GMT
x-mg-request-uuid
c4f5503d-97fb-45e6-9627-ab7ef4281962
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d4af335c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12410
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0Lzg1YWNjOTRlN2E0ZjliNDgxZGY1MWM5M2ZhNGU2M2RmLnBuZw.webp
s-img.adskeeper.com/g/4001402/492x277/110x0x859x572/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/4001402/492x277/110x0x859x572/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0Lzg1YWNjOTRlN2E0ZjliNDgxZGY1MWM5M2ZhNGU2M2RmLnBuZw.webp?v=1637545722-nqhudUgI6L2bwjFxnrcHtgY3nHfzMnXzbwUDgTwu0fg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79e8e3e25898e58911d788b263e8ee16a0c7db6a8dd5d6eed1b89f6eec83b391

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:46:20 GMT
x-mg-request-uuid
9eb02355-d13b-493f-9335-603acf487bea
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d4af435c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32774
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp
s-img.adskeeper.com/g/8164911/492x277/32x5x928x618/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8164911/492x277/32x5x928x618/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp?v=1637545722-lEkXg7ptYo8hVLSxqC7HwSkzvVoloG34KHLj7JLhuOc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5474487abcb7251ef753c652d51182796eb9f1af3794d3438a4b32e5fe1192c9

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:45:38 GMT
x-mg-request-uuid
4aa72710-f7f7-4a08-a637-29e70c323565
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d4af535c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6106
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzE1MTA5NWJkOGNiNWVmMzhhNzg2OTEwYTdlZWM3MTcwLmpwZWc.webp
s-img.adskeeper.com/g/4021004/492x277/0x0x535x356/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/4021004/492x277/0x0x535x356/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzE1MTA5NWJkOGNiNWVmMzhhNzg2OTEwYTdlZWM3MTcwLmpwZWc.webp?v=1637545722-4p-uQOo-cuO_Tzn0MUGVQDQzZbVyCyYNGqfdQYJeEWo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
917b81a2558d11812dd8efd03f131c925e7142ee6d262c701c66c3f97450a491

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:59 GMT
x-mg-request-uuid
18b6109f-03b7-4be7-aab9-a1d9302a4ae4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d4af635c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27010
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2FmZjUwZTQ1ZGU4MTExMDA5YTdhYjRjZDExNzVmZGQyLmpwZWc.webp
s-img.adskeeper.com/g/4020992/492x277/0x0x866x577/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/4020992/492x277/0x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2FmZjUwZTQ1ZGU4MTExMDA5YTdhYjRjZDExNzVmZGQyLmpwZWc.webp?v=1637545722-GLqjQq3k7DxSi-AS94FP_K5Q91za9NIQH6pqYdNQMog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8c842da0ea207208a7a092e1a31245376371cd77038b649b689436bd60ab0ea

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:53:55 GMT
x-mg-request-uuid
d23f08ca-f429-48db-aeea-3f0b4cfa97e2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d4af735c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26716
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3OWEzZDc0N2ZjYzMwMDNjZWY1OGRkMDAxZDI0OGJiLnBuZw.webp
s-img.adskeeper.com/g/3901253/492x277/0x171x606x404/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/3901253/492x277/0x171x606x404/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3OWEzZDc0N2ZjYzMwMDNjZWY1OGRkMDAxZDI0OGJiLnBuZw.webp?v=1637545722-i_u3Yll0FqcxAZhAhzmQLWjLJkM-8vWTarU4xaTdbhE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bbd812f17cff60e26c991966afddeb3e1b9267629b5ace1845822b506b9e6d

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:44:27 GMT
x-mg-request-uuid
c89764d4-3c3c-4847-b311-13e0ed0defbd
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d6afd35c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8996
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiZWM4YzQ3YjhmMmU1YmZiNzM3M2ViNDhhOGI4OGRjLmpwZWc.webp
s-img.adskeeper.com/g/3885456/492x277/0x0x908x605/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/3885456/492x277/0x0x908x605/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiZWM4YzQ3YjhmMmU1YmZiNzM3M2ViNDhhOGI4OGRjLmpwZWc.webp?v=1637545722-E_PiyvT1iFBeToG-UniWb3ovY19NS0LGrwJs7W3WKCg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
303751be6c0e7976d38682558bdfa9b2abf0734c50f2f05f26825d11b1475097

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:05 GMT
x-mg-request-uuid
463fa4dd-0da8-46e1-9eb4-bcb7a244546c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d6afe35c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12022
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzBjNzAwMWQyOGM5NjNmMjcyMDgwMTQyMDE4ODRiOGUzLmpwZWc.webp
s-img.adskeeper.com/g/4003636/492x277/63x0x922x614/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/4003636/492x277/63x0x922x614/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzBjNzAwMWQyOGM5NjNmMjcyMDgwMTQyMDE4ODRiOGUzLmpwZWc.webp?v=1637545722--KJ9hIX1Jd5hdORXAuwd5sFTNFpSRPsR1USx71o7vQk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c1c97b67ccf1cb07f560b8612860ecd5c50cdaa81a19e6f700393de55e2a3b3

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:54:29 GMT
x-mg-request-uuid
a42b99c5-7e2f-42d4-9c44-4601a7a4128f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d6b0035c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23894
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2ZlM2I2NDMwZjZmMGE2YThjYmFhYjM0ZjZjNzBkZTI0LmpwZWc.webp
s-img.adskeeper.com/g/8052385/492x277/135x0x863x575/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8052385/492x277/135x0x863x575/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2ZlM2I2NDMwZjZmMGE2YThjYmFhYjM0ZjZjNzBkZTI0LmpwZWc.webp?v=1637545722-qV__mhAytUIUeKWc_pb0RYt0PWXy3lUsnTvNK0Szlhg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a163abe2674350c1bfc7484f3508aad78dba67946f610363b48a0ba289fcc060

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:57:07 GMT
x-mg-request-uuid
e0dd3e6e-e744-40bf-bea5-64bd58566ed4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d6b0135c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8080
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzU0YWNjYTMwY2ZiYmVhMzhmNDFiNTE5NDdmMzAyYWU5LmpwZWc.webp
s-img.adskeeper.com/g/4001397/492x277/41x0x756x504/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/4001397/492x277/41x0x756x504/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzU0YWNjYTMwY2ZiYmVhMzhmNDFiNTE5NDdmMzAyYWU5LmpwZWc.webp?v=1637545722-a5EkmvDZSy_rJqqU2s48nhRNN6CPggCGbzikkIrR2Tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e53ff9b480ff15138d7fcdd1538b78b9dc6e9ab5753d585f4c4a6b5764aa2b

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:51:47 GMT
x-mg-request-uuid
baaefbf1-67b1-494d-94f7-89307fd43b64
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d6b0235c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8564
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzc4YTc2YmYzOGIyZmVmZTQ0MjRlODk2YWM2YTAyOGMyLmpwZWc.webp
s-img.adskeeper.com/g/3946097/492x277/0x0x728x485/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/3946097/492x277/0x0x728x485/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzc4YTc2YmYzOGIyZmVmZTQ0MjRlODk2YWM2YTAyOGMyLmpwZWc.webp?v=1637545722-tJ21fm5rZp3GHLFr9Daosved2BNyCZ_o9i2G4mOwhNw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a36cbcdd011df3a0e97f16407f14405172c0b33cef5bc0b89699df87c05250c1

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:57:29 GMT
x-mg-request-uuid
e10a46ae-cd26-492d-8ff0-188ca717d525
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d6b0335c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10800
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2Q0M2UyOTFjYjZhMzhiYTM1NTA1YjFmMzdmZjY1YWMxLmpwZWc.webp
s-img.adskeeper.com/g/4027706/492x277/0x0x798x532/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/4027706/492x277/0x0x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2Q0M2UyOTFjYjZhMzhiYTM1NTA1YjFmMzdmZjY1YWMxLmpwZWc.webp?v=1637545722-Xh1esvdBzaDQk3XPUprOa6m5GZhfRnLw9djqr74-0l4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e57047a863c5f849d506cac0f0d9dc38223623df9e76999be50ef3678bb345cc

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:53:50 GMT
x-mg-request-uuid
09ef2483-f6a8-4d0e-9780-07427e085b5f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d6b0435c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14610
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzE0MzA1Y2NmZGYxNjAxOGU1MjAzNTAxYzc0ZDJiZTJjLmpwZWc.webp
s-img.adskeeper.com/g/4023139/492x277/0x430x1080x720/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/4023139/492x277/0x430x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzE0MzA1Y2NmZGYxNjAxOGU1MjAzNTAxYzc0ZDJiZTJjLmpwZWc.webp?v=1637545722-spDpAkoy125KRX2v0oDcZMcnNnUBpL5Old5nsZmIZJI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8efadd3843810c14456eac0415ef569535e7a45b254073310b17d32dd16b04a5

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:53:17 GMT
x-mg-request-uuid
efc0d579-f9ff-4bdd-994a-09a095635196
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d6b0535c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34834
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhkY2JkMDdmNDNmYTBiN2RiM2NiZTg2MzU3MWIyN2FlLmpwZWc.webp
s-img.adskeeper.com/g/3882285/492x277/0x5x640x426/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/3882285/492x277/0x5x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhkY2JkMDdmNDNmYTBiN2RiM2NiZTg2MzU3MWIyN2FlLmpwZWc.webp?v=1637545722-Iia8RaCR-LpY9_POuWcEDEppAKlZUXQfdqeT3yrXWAg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69a7b627b5f84e41012d04185a53878295434d0d69acafc54c4d18cc68c4157

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:59:57 GMT
x-mg-request-uuid
4fa6203c-883d-4f57-9ae4-73d1cd08d77c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3d6b0635c5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10602
server
cloudflare
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=www.newsx.icu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 22 Nov 2021 01:48:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B6D8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssv-mM4ZJTyVqktipvoy8EAHchUaMKHO1dEpWq1oSOyM83pLgCYafFl5sJPNRH9fhOdvGK8pIkcuW_ZhGDYy0QQ7MPTX79FXbRJ72TR&sai=AMfl-YQMiz5TCSgeJUVwAeceUbaLg-ki7yBrmRm0I9VxmW6b7w1k7QWqEXHwzCFKAlC8EvOfgH2wFtGqsmQG&sig=Cg0ArKJSzOpbiNTvOv8PEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=800,1000,1000,1000,1000&tos=800,200,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2068224291&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637545720191&rpt=1141&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 7953 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 21 Nov 2021 06:55:30 GMT
expires
Sun, 05 Dec 2021 06:55:30 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
67992
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.newsx.icu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=www.newsx.icu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.newsx.icu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=www.newsx.icu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.newsx.icu%2F&tn=DIV&id=orquidea-slideup&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0CFF 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&adk=1687354157&adf=1791427562&lmt=1637545722&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.newsx.icu%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637545722411&bpp=2&bdt=2971&idt=2&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2479cd41e922ee87-22a1f2c7eccb009d%3AT%3D1637545720%3ART%3D1637545720%3AS%3DALNI_MYyHudzJaaUvgM0ALXrAN_mmdrQhw&prev_slotnames=www.newsx.icu%2Cwww.newsx.icu%2Cwww.newsx.icu_footer_728x90%2Cwww.newsx.icu&nras=1&correlator=4057439318443&frm=20&pv=1&ga_vid=1442588614.1637545720&ga_sid=1637545720&ga_hid=57346014&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735%2C44755656&oid=2&psts=AGkb-H8RbDZRE36Xjm1Kkt7ku-TdlwMQEggHud_ED5An1TbxdYP1eI111dLa-DCUofFdPXrg_0VhpIzBueGgLg%2CAGkb-H8a80fVkpxqF-bnxch4neOss9WEubL9R6DpNgYPkw0j35q4qZyAJVXc6_X-_o8fc4AY-74NMl9cchzbXw%2CAGkb-H_LvkFQ-vLjnUtxCrtVrQMRQKmKG14laBkFDscPwgS8EY-DPJt1Wol-5wVJGI6Yhfo6b0LLleIF8W3C3Q%2CAGkb-H-rNU91WONJ0OEeMXk1pE_sPBKI5sbc8mNVOguonvalwe-ew7_8et8Rk6974b_za8ZuWDwbLWVCBIk&pvsid=2825004556918950&pem=986&tmod=1256970147&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=5&uci=a!5&fsb=1&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=www.newsx.icu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 22 Nov 2021 01:48:42 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A234 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 21 Nov 2021 22:53:51 GMT
expires
Mon, 21 Nov 2022 22:53:51 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10491
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7069 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7c5b39b2d33a0a80552a73d5bf8a374e89d2b8c7193b136fdc9c780ef6330c3e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qBgyGAmZh16FS1uNmB348w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 22 Nov 2021 01:48:42 GMT
date
Mon, 22 Nov 2021 01:48:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-qBgyGAmZh16FS1uNmB348w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
recs
relap.io/api/v7/ Frame AC2B 		79 B
816 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/recs
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
551195386c720b27a05f0bc09a0cf7ad0a2f3dcf2c145b21173b7baf54a13712
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie
rlprp=fRq3RQ:7CjO0A
Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Relap-Unique
YmM5ZjE5

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
access-control-max-age
1728000
vary
Origin
content-length
79
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsx.icu
x-relap-cookie
rlprp=fRq3RQ:7CjO0A
cache-control
max-age=1, no-cache
x-server
web01
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
recs
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/recs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-relap-cookie,x-relap-unique
Origin
https://www.newsx.icu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
vary
Origin
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-origin
https://www.newsx.icu
access-control-max-age
1728000
date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-server
back16
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
strict-transport-security
max-age=5184000; includeSubdomains;
i.js
cm.adskeeper.com/ 		19 B
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i.js?&cbuster=1637545722465217945786
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/e/newsx.icu.1232513.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 22 Nov 2021 01:48:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b1e7f3d8efe360d-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.adskeeper.com/ Frame 1D77 		19 B
99 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=1637545722500517645252
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/e/newsx.icu.1232513.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 22 Nov 2021 01:48:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b1e7f3dbf1a360d-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame A234 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 19:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
23303
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 21 Nov 2022 19:20:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7069 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=2825004556918950&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/e/newsx.icu.1235697.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
br
cf-cache-status
HIT
age
447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
T5CTK0DJ7M4X76W7
x-amz-id-2
tZIcXHQPIJCYrNihVLS2EWmZXEWJ0Vp4oYRJ6IxCwAs5u+xUYhKRmUQwm6bXHowGp5ZaSaN5FXs=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6b1e7f3e292368e6-FRA
expires
Mon, 22 Nov 2021 05:48:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 717E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstR5xL5bU_XUwegWVUEAw3ZyymQt_SK6pNOYr4wF9WPsj8k6djY3TrBKOjZgtEKebbhiiCADOAKSmJMTKBBRjm7ANdefaD5foLrrdlQ&sai=AMfl-YQYG_Kq5HvFbQBApzN0M9ToK9GRXhp1O5fn8CcFtqT68Ze6u4OFERQL83NJHxrRvAjUxHVqas5B3n-Y&sig=Cg0ArKJSzLAxRInWY_ZxEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=0,0,1000,1413,1413&tos=0,0,1000,413,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.59&if=1&app=0&itpl=22&adk=2666742100&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637545720165&rpt=843&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext_cfgs
relap.io/api/v7/ Frame AC2B 		496 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/ext_cfgs?token=eWEYhLk95RjlMjcy&url=https%3A%2F%2Fwww.newsx.icu%2F
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
14e9b2ce492e867ca2e096aec22097d1343363d5f923d9c772deb79112a80ee1
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie
rlprp=fRq3RQ:7CjO0A
Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
content-length
496
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsx.icu
x-relap-cookie
rlprp=fRq3RQ:7CjO0A
cache-control
max-age=1, no-cache
x-server
back23
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
ext_cfgs
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/ext_cfgs?token=eWEYhLk95RjlMjcy&url=https%3A%2F%2Fwww.newsx.icu%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-relap-cookie
Origin
https://www.newsx.icu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
vary
Origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.newsx.icu
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-max-age
1728000
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
x-server
back01
date
Mon, 22 Nov 2021 01:48:42 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
1
servicer.adskeeper.com/1235697/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.com/1235697/1?w=1558&h=937&cols=4&pv=5&cbuster=163754572265079059722&uniqId=0775c&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsx.icu%2F&lu=https%3A%2F%2Fwww.newsx.icu%2F&sessionId=619af6fa-0210d&pageView=0&pvid=17d4554c1259e73b19b&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/e/newsx.icu.1235697.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8603b249f5b523b6119a196ba450c8de524a4262cf1240063cf1608567fdbfc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b1e7f3eaaef54cf-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=2825004556918950&bg=!z8ylzIjNAAZQLpa_UC47ACkAdvg8WkWjRHjGrgZ-q8u5brkf1euP6MCUrDpgYbQQ_d_683nF54Bd8QIAAAB7UgAAAA5oAQeZAoJbMh3UW2CHcz4KSuvfYqQO-nvAhPl1IahTvXgHQ45clqOPkpHMYBqLpVrYuZHHYzjgTL2b8PMIfmeGTH7ZgmtVeJYbcT2UzhD1qsKs9Dwea-KQZvyWljfSFlNRVdiW_M82N39tLmAppN-nOAFbjoXVfcanyT1BOOZjALhkXjIyS00-43WEmVlyA2ltv9Jfsxxf8Nn2hFILGYKKNldyILxAMgQJPBROQtPuUCrTfE1NnrxTzlO_Qwqg0frrvr6wvwXmxOc79ks4_6XXbezonevS2r16ludShCT8IIdMtRaA9WXZ9c3QMoBdOAdBrEI0oTo9jWAyDT1Uw5rCKCO7uXu4zN3_950K3PwdloZnlghW8uACtySneSlExKIFLXzHqs4SNzCLS4YToxeitMgImHORBB5aer8m1IwPBoUiavuwBVZdCn0Vqe3AxgEAVj_HPmQS1qN5bUBH5XxQaqwZ3ub1ghBjYH9NrZo-u1yTU576a1EmxdRlHYqXxzOuwDTlOTF2NAY4SKawuOvqD_WIDLmo4QqdYjlhu1no3ydJuua7Te1BBMeJjCB_PqW7NTSOoLz7BhXwFpSM8f9UGthtPFNu3p5Ttp_FTdonPE-jJGg3ZD8cQJy-2ZFmTH_t8dLIQc0FQOhpAdSVB64gFCG3JVawNIi3uItbAkNMK-NMXOniMLoJQdeiRdFdNIGkB0WZcD2RNfsALxR3k0JIsWM7Z43gGnrxFxReCF9Ph4h2VTtX8rBjtnxc1S-5C5o_Euwcvt5NGMiNew8bW3z2A1k6ihBrc2wrKAAMUY3Uxfbj0BUp48GyIhCWBLbSuuGgMPJ5KDiRrm9i_5-q1e6aDyE7bohPLgE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/e/newsx.icu.1235697.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
content-encoding
br
cf-cache-status
HIT
age
447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
T5CTK0DJ7M4X76W7
x-amz-id-2
tZIcXHQPIJCYrNihVLS2EWmZXEWJ0Vp4oYRJ6IxCwAs5u+xUYhKRmUQwm6bXHowGp5ZaSaN5FXs=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6b1e7f3f3aa068e6-FRA
expires
Mon, 22 Nov 2021 05:48:42 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjMvMTAxOTI0LzJhZjI3OTZjODI4ODMxY2RmZTI0NzYzNjIzOTYwNTZmLmpwZz90PTE0OTAyNzQ2Mjk3MDc.webp
s-img.adskeeper.com/g/3805548/492x328/0x0x492x328/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/3805548/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjMvMTAxOTI0LzJhZjI3OTZjODI4ODMxY2RmZTI0NzYzNjIzOTYwNTZmLmpwZz90PTE0OTAyNzQ2Mjk3MDc.webp?v=1637545722-VWuI-NSBHTx4SFlfKlg5eMZHOCQ4QV2sQ3Xyz2UfdpQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77a804db001df9649e4748a6272ef96f514418ef1bfc01e6e1c6bd4ed4c9de56

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:49:24 GMT
x-mg-request-uuid
1c36a695-ffe6-4ca1-a727-afaf7c67f2c1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3f8ee6e59b-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11288
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzc2OGQzOWY4YjE4ZmJhNjJjMWQ2MGNjMGU3OGYyOThlLmpwZWc.webp
s-img.adskeeper.com/g/4723171/492x328/11x0x602x401/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/4723171/492x328/11x0x602x401/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzc2OGQzOWY4YjE4ZmJhNjJjMWQ2MGNjMGU3OGYyOThlLmpwZWc.webp?v=1637545722-ypUsCf1JKd4WkUCmZpmUYaEu8Dkipc1dorqHJEbnPFo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021bc9aecdd5cab356d5ae686a28d9d1e560504db4632027de72c662c89f96da

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:58:29 GMT
x-mg-request-uuid
0e90d269-5cc7-44ce-a710-410318d6ad35
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3f8ee0e59b-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30680
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.adskeeper.com/g/8193501/492x328/16x0x492x328/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8193501/492x328/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1637545722-iyOwFzQDRHsRYDp7MoNKlQdpCNV1iOkfy3nyt_KHglg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c87cd4624a12ffbe183030d53888a7bc88e46b8dcc08a856b064fa1093b82634

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:40:58 GMT
x-mg-request-uuid
42945f34-0662-47c7-8864-c5814060e64c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3f8ee2e59b-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10504
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Y4YzMzNzhkNTE4YTkwMDRhNmYxNzc5NTJhY2IxZTljLmpwZWc.webp
s-img.adskeeper.com/g/3866391/492x328/0x0x891x594/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/3866391/492x328/0x0x891x594/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Y4YzMzNzhkNTE4YTkwMDRhNmYxNzc5NTJhY2IxZTljLmpwZWc.webp?v=1637545722-b-iUs35mwADHBc1ztuQ2jj9mtGeMHG10a1gKMqN1qmY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a077a4b4c46911709c617fe14106774ce0b26c80243593d0bb4af72cbd11dbaf

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:53:12 GMT
x-mg-request-uuid
95650846-1953-459b-aa02-984b5f58d9c8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3f8ee4e59b-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16924
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2JlNjdlNjc5OWY4Y2Y4ZjBkZTMxNzAzODdiZWFmZTMwLmpwZWc.webp
s-img.adskeeper.com/g/4023134/492x328/0x54x551x367/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/4023134/492x328/0x54x551x367/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2JlNjdlNjc5OWY4Y2Y4ZjBkZTMxNzAzODdiZWFmZTMwLmpwZWc.webp?v=1637545722-k5VopPAhT9QOPvrjpyb4rBrjtuvKN4_q3eGpP0HUZBA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01be651da184255667a942e800a61f67bce61b9dc7fd563edce5c7fa07836c38

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:42:55 GMT
x-mg-request-uuid
85371799-b152-47ce-91e9-753aac273a69
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3f8ee5e59b-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20190
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2RkMjQ0MjkxMDA0MWRjZDdiMmVkMDE1MGUzMzA0ODZlLmpwZz90PTE0OTgxNjA5MDQwOTQ.webp
s-img.adskeeper.com/g/3805595/492x328/0x135x1080x720/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/3805595/492x328/0x135x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2RkMjQ0MjkxMDA0MWRjZDdiMmVkMDE1MGUzMzA0ODZlLmpwZz90PTE0OTgxNjA5MDQwOTQ.webp?v=1637545722-tzhQaosBq-2IOMHL5e6c9jUto1Uk-jlGhIPLCiwSHKw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af0455753e2e27bb8f2cae8e8583d5f4f7d231614d1c3233e7529783b084dd1a

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:57:46 GMT
x-mg-request-uuid
ba79b560-4797-4375-9660-a3a7b42e29d5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3f8ee3e59b-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12360
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDUvMTAxOTI0L2I5OTdjZjg2ZTllYzk2MTYyNjhkYTFmNzk4ZjRlMzZiLmpwZz90PTE0OTE0MDc0OTEzODk.webp
s-img.adskeeper.com/g/3805542/492x328/0x0x492x328/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/3805542/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDUvMTAxOTI0L2I5OTdjZjg2ZTllYzk2MTYyNjhkYTFmNzk4ZjRlMzZiLmpwZz90PTE0OTE0MDc0OTEzODk.webp?v=1637545722-4AbGPm_7fbSSdBM-ab4qjObAYyWnR0Qj2ao88tlVX0g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b7b37a3cbd6bb3b1134020e1444e0888cbcbf8698b56251334c7ef5f5b2969

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:15 GMT
x-mg-request-uuid
8dd4d917-21f5-4203-b7a9-e078b5aa222e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3f8eebe59b-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54768
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2M0MTRkYWM0MmJjMzlkNzZiNDdmMWViZmUyMjA1ZjYyLnBuZw.webp
s-img.adskeeper.com/g/10881034/492x328/0x0x601x400/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/10881034/492x328/0x0x601x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2M0MTRkYWM0MmJjMzlkNzZiNDdmMWViZmUyMjA1ZjYyLnBuZw.webp?v=1637545722-UWLw56CnIOdZXDqLrtBL9m5DwOXfw6fOI1NJyGlcxaI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
041350e04615e8c1e56147d5d19147e431f62af29edbcc518c9eec6630517762

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:53:30 GMT
x-mg-request-uuid
b796cee8-5846-4fc1-af0e-9232b0c1167b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3f8ee9e59b-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17362
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTA3Nzk0Mjg0ZTNmNTEyNzQ2OGVhNDExZTJmMmZlLnBuZw.webp
s-img.adskeeper.com/g/3944301/492x328/0x0x900x600/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/3944301/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTA3Nzk0Mjg0ZTNmNTEyNzQ2OGVhNDExZTJmMmZlLnBuZw.webp?v=1637545722-Uk-zjeFvxHFK2yTRBQnnF1zrzxk27YZ5stPMtyGMFSM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd9adb8b74f40d28fd222f1129386d70828709bb1089d1429f4fd21d1fe78f8

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:55:59 GMT
x-mg-request-uuid
33c86bb9-5df7-4c46-ab9b-a1a88d7db4f9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3f8ee7e59b-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45164
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDgvMTAxOTI0LzRiZWUzN2RiYWE2MWQzMmZlMjYzZDA0Mzk4NmM2ZDMzLmpwZWc_dD0xNDk2OTI3MjA1MjU1.webp
s-img.adskeeper.com/g/3805471/492x328/0x0x492x328/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/3805471/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDgvMTAxOTI0LzRiZWUzN2RiYWE2MWQzMmZlMjYzZDA0Mzk4NmM2ZDMzLmpwZWc_dD0xNDk2OTI3MjA1MjU1.webp?v=1637545722-6npaQzFR2ZOjHWFkhAmqJVYSN6VYtplV_6Sf71ND480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
befb968abb55913fb681f0b29f1f733c6e68af8741ed6c51d11ce3649e532164

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:06 GMT
x-mg-request-uuid
37f3c5f2-f945-4629-987e-5c55efe25389
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3f8eeae59b-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23800
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2VkMzg5YTZhYWZjODgwNWEyM2JhNThlM2JhYzA2NTk0LmpwZWc.webp
s-img.adskeeper.com/g/4027703/492x328/2x0x798x532/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/4027703/492x328/2x0x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2VkMzg5YTZhYWZjODgwNWEyM2JhNThlM2JhYzA2NTk0LmpwZWc.webp?v=1637545722-H2VflffQZgsJatmlRvU8Qz2l9o29jG6Yy_sIVagO_Es
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6206899e83cdd902d92a50b654ad187bd6f489f6635fe8e3e7f4005d4fb227d9

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:24 GMT
x-mg-request-uuid
8cd46925-7461-4598-9aa4-42099a39868b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3f8ee8e59b-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19762
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp
s-img.adskeeper.com/g/8193534/492x328/0x124x788x525/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8193534/492x328/0x124x788x525/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp?v=1637545722--STqtfH6a4zzNEByFywFkcWG1au-9ZS3SaioJM8ekvM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1effc97f7cbb4025bc485804bda05878cb67be6c6985817fe19c2b357dff9f87

Request headers

Referer
https://www.newsx.icu/
Origin
https://www.newsx.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:41:04 GMT
x-mg-request-uuid
501bb0c7-db44-418b-884a-937e0b94b0f6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b1e7f3f8ee1e59b-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10548
server
cloudflare
if
a4p.adpartner.pro/tracker/ Frame BA25 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1713983%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22fa09542d-003f-4489-9c8c-03934e982aec%22%7D%5D%2C%22unit_id%22%3A7476%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 22 Nov 2021 01:48:42 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 7D8F 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1965011%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22d26b98f2-d711-45fe-90d2-ca57a6d22885%22%7D%5D%2C%22unit_id%22%3A7476%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 22 Nov 2021 01:48:42 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame C0F9 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1567037%2C%22cost%22%3A0.001587134%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ea06810e-36cc-4e6c-91f8-711de7107062%22%7D%5D%2C%22unit_id%22%3A7476%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 22 Nov 2021 01:48:42 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 9548 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d60edd1d-fe32-486e-83a7-1677d1764df6%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1713983%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22fa09542d-003f-4489-9c8c-03934e982aec%22%7D%2C%7B%22ad_id%22%3A1965011%2C%22cost%22%3A0.002028477%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22d26b98f2-d711-45fe-90d2-ca57a6d22885%22%7D%2C%7B%22ad_id%22%3A1567037%2C%22cost%22%3A0.001587134%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ea06810e-36cc-4e6c-91f8-711de7107062%22%7D%5D%2C%22unit_id%22%3A7476%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.newsx.icu%252F%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.43.196 , France, ASN16276 (OVH, FR),
Reverse DNS
app-hb-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 22 Nov 2021 01:48:42 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
recs
relap.io/api/v7/ Frame AC2B 		79 B
816 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/recs
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
73842cebdeb43b5b1bdeb2ff4eae5512475a8cfb3f10e972097207968c74b395
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie
rlprp=fRq3RQ:7CjO0A
Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Relap-Unique
YmM5ZjE5

Response headers

date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
content-length
79
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsx.icu
x-relap-cookie
rlprp=fRq3RQ:7CjO0A
cache-control
max-age=1, no-cache
x-server
web05
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
recs
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/recs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-relap-cookie,x-relap-unique
Origin
https://www.newsx.icu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
vary
Origin
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-origin
https://www.newsx.icu
access-control-max-age
1728000
date
Mon, 22 Nov 2021 01:48:42 GMT
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-server
back16
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
strict-transport-security
max-age=5184000; includeSubdomains;
cors
data.ad-score.com/data/ 		1 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=vHTCHFHDmVlZqXPxMCUfROQGjQlNBQfH-FE7fPshldVrkKD8a3HLLFknBPg==-E0zCO8hla1DhMQ==&pm_ct=999cc2a029c2261707f946ae&pm_pl=1637545721630&pm_td=1390&pid=1000793&en=1.1&callback=__pm_glbl_PxEmu9O0geWyQL7AjXkRZgew._gc6&v=bf28c17
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.newsx.icu
Date
Mon, 22 Nov 2021 01:48:43 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
/
www.acint.net/ping/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/ping/?v=0.3.0&uid=bdb8a251-bf3b-42c0-a7da-4baaa64429a4&dp=14&tz=%2B00%3A00&nc=64140843&dT=2021-11-22T01%3A48%3A43.202
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsx.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 01:48:43 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
c
c.adskeeper.com/ 		43 B
441 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.com/c?f=1&pv=3&v=267|280|12|qi9nlKuqo_wbcOFdYNszb2FgLKU4a39M0U7urL3aAO9aMYnewU5yG3EFo-zKLK3A&fw=1&extjs=66044&v=540|198|12|qi9nlKuqo_wbcOFdYNszb-mYTFUyM94TbbS8C2fHcLQr5FrQZq8nds0FDrA3sQPj&v=540|198|12|qi9nlKuqo_wbcOFdYNszb3znsBlr1idNTL9G3icGfHNToyiQ4_1USa-NGHjOWXVU&v=267|280|12|qi9nlKuqo_wbcOFdYNszbzEpjw6D8G84orcjzgn_8I0tfk09jDzuP8RSjRVWCpdb&cid=1232513&h2=LZ5RJQS2E6QXPudow0zXam08RUz4B3sMks8WiSV7C-c*&rid=524fe9bb-4b36-11ec-bf32-2cea7f875b01&tt=Direct&iv=11&pageImp=1&pvid=17d4554c1259e73b19b&cbuster=1637545723863301553312&tpl=0
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/e/newsx.icu.1232513.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
819af05b-128a-4c36-9708-ef3e83e72e05
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b1e7f463f3754cf-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
cors
data.ad-score.com/data/ 		1 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=vHTCHFHDmVlZqXPxMCUfROQGjQlNBQfH-FE7fPshldVrkKD8a3HLLFknBPg==-E0zCO8hla1DhMQ==&pm_ct=999cc2a029c2261707f946ae&pm_pl=1637545721630&pm_td=2390&pid=1000793&en=1.1&callback=__pm_glbl_PxEmu9O0geWyQL7AjXkRZgew._gc7&v=bf28c17
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.newsx.icu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.newsx.icu
Date
Mon, 22 Nov 2021 01:48:44 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

315 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| elmt string| str object| atOptions object| head object| script object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor boolean| google_apltlad object| google_sv_map string| google_user_agent_client_hint object| aafVYIyfvUHGVufyud object| _acic object| sapeRtbHandler_122309 string| srtb_sid object| ClicksCloudAsyncCallbacks object| loadedBanners string| scr object| div object| x number| len undefined| newScript function| getApuID object| APC object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID object| shownAds7477 object| initRtb1637545719975183409 object| result string| key string| apuid object| sessionData object| shownAds7476 object| initRtb1637545719976058171 function| ym string| LANG_LOADING string| LANG_ALL object| icms function| setCaretPosition function| getCaretPosition function| addTextToPosition function| goBack function| spellcount function| initMultyTabs function| $ function| jQuery function| Popper object| bootstrap object| toastr function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| ttsmi2_data object| smi2TrackerSend object| __statmedia_callbacks object| jsapi object| _acil object| _mgIntExchangeNews object| AdskeeperInfC1232513 function| AdskeeperCContextBlock1232513 function| AdskeeperCMainBlock1232513 function| AdskeeperCInternalExchangeBlock1232513 function| AdskeeperCRejectBlock1232513 function| AdskeeperCInternalExchangeLoggerBlock1232513 function| AdskeeperCObserverBlock1232513 function| AdskeeperCSendDimensionsBlock1232513 function| AdskeeperCRtbBlock1232513 function| AdskeeperCDiscountBlock1232513 function| AdskeeperCIframeSizeChangerBlock1232513 function| AdskeeperCContentPreviewBlock1232513 boolean| mg_loaded_746125_1232513 string| kdmDomain object| setKdm object| ClicksCloud object| _0x6649 function| _0x9664 object| Ya object| yaCounter78735630 object| yaCounter76602070 object| yaCounter71281900 object| __statmedia object| T function| StatMedia object| statmedia51250 object| banner7477_1637545719975183409 object| banner1637545719975183409 object| AdskeeperInfC1235697 function| AdskeeperCContextBlock1235697 function| AdskeeperCMainBlock1235697 function| AdskeeperCInternalExchangeBlock1235697 function| AdskeeperCRejectBlock1235697 function| AdskeeperCInternalExchangeLoggerBlock1235697 function| AdskeeperCObserverBlock1235697 function| AdskeeperCSendDimensionsBlock1235697 function| AdskeeperCRtbBlock1235697 function| AdskeeperCIframeSizeChangerBlock1235697 function| AdskeeperCContentPreviewBlock1235697 function| AdskeeperCResponsiveBlock1235697 boolean| mg_loaded_746125_1235697 object| mrqvr5e540rj object| closure_lm_114819 object| banner7476_1637545719976058171 object| banner1637545719976058171 object| jsapi_ object| JsAPI object| logKdm object| googletag object| yaCounter79316371 function| getKdm object| relapAPI object| relapTasks object| onClickExcludes object| __pm_glbl object| __pm_glbl_PxEmu9O0geWyQL7AjXkRZgew object| __pm_ads_list string| AdScoreObject function| adScore function| mgReject1232513 function| mgLoadAds1232513_0c01c function| AdskeeperCReject1232513 function| AdskeeperLoadGoods1232513_0c01c object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint746125 string| _mgPvid boolean| _mgPageView746125 object| adsbygoogle object| GoogleGcLKhOms number| tmod function| google_spfd object| google_image_requests boolean| i.js.loaded boolean| i-noref.js.loaded function| mgReject1235697 function| mgLoadAds1235697_0775c function| AdskeeperCReject1235697 function| AdskeeperLoadGoods1235697_0775c object| _mgwcapping boolean| _mgPageImp746125

135 Cookies

Domain/Path Name / Value
.newsx.icu/ Name: ICMS609E0FD14DA41
Value: f33d261ddef411c7c5f00bbb6fcd01c2
.newsx.icu/ Name: icms[device_type]
Value: desktop
.newsx.icu/ Name: icms[guest_date_log]
Value: 1637545719
www.newsx.icu/ Name: ls_smartpush
Value: 1
www.newsx.icu/ Name: lapuid
Value: d60edd1d-fe32-486e-83a7-1677d1764df6
www.newsx.icu/ Name: session_id
Value: 6d5597d3-9c74-4593-877d-6201657b265c
www.newsx.icu/ Name: session_pageview
Value: 1637545720.1
www.newsx.icu/ Name: site_visited
Value: 1637632120.1
a4p.adpartner.pro/ Name: www.newsx.icu_ref
Value:
.mirtesen.ru/ Name: _sm_uid
Value: ae81c46f-f8c4-4ee1-b939-1f01f6d13a91
.mirtesen.ru/ Name: _sm_udt
Value: 1637545720015
.mirtesen.ru/ Name: _sm_sid
Value: e1448f65-c2b2-42f5-b3e7-fd20fae7d8be
.mirtesen.ru/ Name: nid
Value: ads5-2smir10
.mirtesen.ru/ Name: qw
Value: DmAfYGGa9vjCJGwV
.mirtesen.ru/ Name: qws
Value: RG1BZllHR2E5dmpDSkd3Vg~~#kXOPdTrfwlq7peKvIVlh5w~~
.acint.net/ Name: aid
Value: fwAAAWGa9vgzqgdk0jkrArQcmT2UhgSGkRpVu8vp2arfOE+a
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWGa9vh5ywA5gNmpAqumhDtesXcUDQjd3YJQy7CFej5B
a4p.adpartner.pro/ Name: apuid
Value: d60edd1d-fe32-486e-83a7-1677d1764df6
a4p.adpartner.pro/ Name: apudmg
Value: 1
www.newsx.icu/ Name: fid
Value: 6509e811-19b5-4d91-a1e3-f0a95dd65e8d
.acint.net/ Name: cSyncDp7v2
Value: 1637545720
.acint.net/ Name: cSyncDp14v3
Value: 1637545720
.acint.net/ Name: cSyncDp17
Value: 1637545720
.acint.net/ Name: cSyncDp32
Value: 1637545720
.acint.net/ Name: cSyncDp45v3
Value: 1637545720
.acint.net/ Name: cSyncDp53
Value: 1637545720
.acint.net/ Name: cSyncDp54v2
Value: 1637545720
.acint.net/ Name: cSyncDp62
Value: 1637545720
.acint.net/ Name: cSyncDp67v2
Value: 1637545720
.acint.net/ Name: cSyncDp68
Value: 1637545720
.acint.net/ Name: cSyncDp77
Value: 1637545720
.acint.net/ Name: cSyncDp84
Value: 1637545720
.acint.net/ Name: cSyncDp85
Value: 1637545720
.acint.net/ Name: cSyncDp88
Value: 1637545720
.acint.net/ Name: cSyncDp95v2
Value: 1637545720
.acint.net/ Name: cSyncDp101
Value: 1637545720
.acint.net/ Name: cSyncDp104v2
Value: 1637545720
.acint.net/ Name: cSyncDp107
Value: 1637545720
.acint.net/ Name: cSyncDp110
Value: 1637545720
.acint.net/ Name: cSyncDp111v2
Value: 1637545720
.acint.net/ Name: cSyncDp112v2
Value: 1637545720
.acint.net/ Name: cSyncDp125v2
Value: 1637545720
.acint.net/ Name: cSyncDp126
Value: 1637545720
.acint.net/ Name: cSyncDp127
Value: 1637545720
.acint.net/ Name: cSyncDp129
Value: 1637545720
.acint.net/ Name: cSyncDp136
Value: 1637545720
.acint.net/ Name: cSyncDp138
Value: 1637545720
.acint.net/ Name: cSyncDp144
Value: 1637545720
.acint.net/ Name: cSyncDp146
Value: 1637545720
.acint.net/ Name: cSyncDp149
Value: 1637545720
.acint.net/ Name: cSyncDp151
Value: 1637545720
www.newsx.icu/ Name: _cc_visit
Value: 1
www.newsx.icu/ Name: _cc__visit_deep
Value: 1
.newsx.icu/ Name: __gads
Value: ID=2479cd41e922ee87-22a1f2c7eccb009d:T=1637545720:RT=1637545720:S=ALNI_MYyHudzJaaUvgM0ALXrAN_mmdrQhw
.newsx.icu/ Name: _ym_uid
Value: 163754572037036827
.newsx.icu/ Name: _ym_d
Value: 1637545720
www.newsx.icu/ Name: _cc_session
Value: 26b151e3-ceb2-4e3f-ae20-a02b8eb762b0
.doubleclick.net/ Name: IDE
Value: AHWqTUkNt_ZDciERV5Z4T2DKOJxBUlgz4Q4ybcJmR6rLNObZGj83aGq7FSyMrkq0aD8
.utraff.com/ Name: preutid
Value: 1
.republer.com/ Name: ruid
Value: 594817c2-e0c5-4848-82ad-f7aabbca24af
.adhigh.net/ Name: gi_u
Value: tXlp7xqClx.AikABlF9RVS68Q
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 830876853fake
.otm-r.com/ Name: mpid
Value: NjE5YWY2ZjgxMzQ2ZDNmYg==
adx.com.ru/ Name: yabbi-user
Value: 619af6f8f0e01540ca2731ac
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.1dmp.io/ Name: uid
Value: 51503190-4b36-11ec-9752-901b0e8d9836
.stat.media/ Name: _sm_uid
Value: ae81c46f-f8c4-4ee1-b939-1f01f6d13a91
.stat.media/ Name: _sm_udt
Value: 1637545720015
.stat.media/ Name: _sm_sid
Value: e1448f65-c2b2-42f5-b3e7-fd20fae7d8be
.stat.media/ Name: _sm_cm
Value: 8
.eskimi.com/ Name: __eConsent
Value: 1
.relap.io/ Name: unique
Value: LDX2xZGT
.relap.io/ Name: fsts
Value: 1637545720
.relap.io/ Name: suid
Value: 272fdade2e01cf5937325df48e1cb36d83e05447--aca6f462717df78fec5088ab72a60f977b23c8cfa613ca32675592e476952302
.relap.io/ Name: rlpsprcs
Value: eyJ0cyI6MTYzNzU0NTcyMCwidWlkIjoiMDEwMDAwN0ZGOEY2OUE2MTY0MDdBQTMzMDIyQjM5RDIifQ--a65b690c33bf199bb168c8b68e4d06dfd7bf7e84ddd77684d43f6419b61ab441
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1325679585fake
a4p.adpartner.pro/ Name: buyeruid_53
Value: 0100007FF8F69A616407AA33022B39D2
a4p.adpartner.pro/ Name: buyeruid_55
Value: 0100007FF8F69A616407AA33022B39D2
.adhigh.net/ Name: sape_sync
Value: IGL
.adriver.ru/ Name: cid
Value: Ai0RbEHBR-iuFxSyvCaiJJA
.newsx.icu/ Name: _ym_isad
Value: 2
.uuidksinc.net/ Name: jcsuuid
Value: cLkVhHOOWa5W5U7uOEky
cm.mgid.com/ Name: mg_sync
Value: {}
.mgid.com/ Name: muidn
Value: lalEIY1IgOMh
.mgid.com/ Name: __cf_bm
Value: v1ipjC4HAxMJAGgXBfEDL0SbEgQrTjL9aC_xL4AA4c4-1637545720-0-AekVx369LwHPAcXgRVQCCtIMZ/kktyDm5OBjAVgNGL/tdwQ0+oJVWMDSMeo5C9teSDxQUujMv2ejOimDhzOiyxc=
a4p.adpartner.pro/ Name: buyeruid_63
Value: b1f2548b-8ca8-42d7-5c2f-36be9027e0f6
a4p.adpartner.pro/ Name: buyeruid_64
Value: 219d9813-e5ab-4071-5c27-0739df4c83de
.weborama.fr/ Name: AFFICHE_W
Value: tq789sl9pjC281
.www.newsx.icu/ Name: sspUid
Value: 692f26de-a9fa-4b0f-839f-82720d46d23d
.betweendigital.com/ Name: tuuid
Value: 8ed4376e-2f22-5346-8456-3768e5ccc190
ssp.bidvol.com/ Name: bvuid
Value: me3k5hb6oy
.mts.ru/ Name: dspid
Value: 3f33f622-4257-4084-9121-0335d7b63733
.rktch.com/ Name: b_uid
Value: 3f176b2e946eff2d3cf083c67b2b8378328c
.rutarget.ru/ Name: userId
Value: 0VnRccofN0KO
.hbbond.com/ Name: dmpUid
Value: cLkVhHOOWa5W5U7uOEky
a4p.adpartner.pro/ Name: buyeruid_57
Value: 8ed4376e-2f22-5346-8456-3768e5ccc190
.relap.io/ Name: hllc
Value: 2
a4p.adpartner.pro/ Name: buyeruid_47
Value: 8ed4376e-2f22-5346-8456-3768e5ccc190
.relap.io/ Name: rlprp
Value: fRq3RQ--e5081d5eea1c4eea4c819182f75b0429bd50346c8d91ae0c997279862cf09243
.relap.io/ Name: 3rdpce
Value: 1
.adsniper.ru/ Name: uuid3
Value: IiQ1MThiMmI3ZS00YjM2LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.yandex.com/ Name: yandexuid
Value: 2931096521637545721
.yandex.com/ Name: yuidss
Value: 2931096521637545721
mc.yandex.com/ Name: yabs-sid
Value: 2484782551637545721
.yandex.com/ Name: i
Value: JwzL9FkWMBtLZTia4K0Z7FAqIXkQPIsWmiCejRBDmjOe1Wyr/wJuSpHSCyb63GS7I/86HCydihpDnA7WhvZrk8MVDZA=
.yandex.com/ Name: ymex
Value: 1669081721.yrts.1637545721#1669081721.yrtsi.1637545721
.gnezdo.ru/ Name: uid
Value: XV9maWGa9vhxfpj7ZzplAg==
.aidata.io/ Name: __upin
Value: +5l1bN1DZR+3W+2PqLx75Q
.aidata.io/ Name: __upints
Value: 1637545721
.ops.beeline.ru/ Name: BeeAID
Value: 302ab1b4-0e54-43ea-a561-b4eb24a7547e
.yandex.ru/ Name: yuidss
Value: 5150710061637545721
.yandex.ru/ Name: yandexuid
Value: 5150710061637545721
.bumlam.com/ Name: suuid3
Value: IiQ1MThiMmI3ZS00YjM2LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
x01.aidata.io/ Name: mts
Value: 1
.1dmp.io/ Name: 51bada40-4b36-11ec-9752-901b0e8d9836
Value: cGlkPXcmbz1ucyZjaWQ9ZDUzMjkyNWUtMzcwYS00OTEzLTkyMzgtZThiOTEyMDYyNDdmJmJyaWQ9M2ZkYzgyNjctMjMyMy00ZmY1LTgwZmUtZGMyODEzYTk3NDJlJnVpZD1MRFgyeFpHVA==
.mts.ru/ Name: mts_id
Value: 7890207d-39a4-4439-8271-63437cc155f1
.mts.ru/ Name: mts_id_last_sync
Value: 1637545721
js.ad-score.com/ Name: token
Value: ikzXsszpFOjYZ-5t00-VjDIJaWQrlNPI
.newsx.icu/ Name: _ym_visorc
Value: b
.mail.ru/ Name: VID
Value: 3dupxy3wPyI600000X12H426:::0-0-0-6b54fb8:CAASEHoQbjTMttFZpH7vGLBqS8AaYEHAaGAvaO0iX8EwQ-d5splQjqISGqPfyVCW_p6d4shFz_rCO6rpCbSJgs_3xcCjpcKczDQ8BTfgnFMLHYi5KueTq2SogoZFadMLFmpQUHmEYUFAaZ06MWGDjAQVnzijLg
.doubleclick.net/ Name: DSID
Value: NO_DATA
.relap.io/ Name: rlpagcs
Value: eyJ0cyI6MTYzNzU0NTcyMSwidWlkIjoiQ00yc0tSZGJ0aVRYdVF4cXlLbnRCTXVRPT0ifQ--8aa2ae0e9696793720f8dbbaf2567648fa872829ba1f62b121a06abf8d34170d
.ads.go2net.com.ua/ Name: am-uid
Value: 3f7efbc1a6e64cd5855ece6a5685bf3c
.dmg.digitaltarget.ru/ Name: viuserid
Value: NAL.YeY-4ahMqgO7qrUf
.betweendigital.com/ Name: ut
Value: YZr2-QAHrNhWQaKe2JxcIQecOIy-TeaqHo9jWw==
sync.mgid.com/ Name: mg_sync
Value: {"117798":1637545721}
.advarkads.com/ Name: u
Value: EALJQIsO_0usjLxSorQuKA
www.newsx.icu/ Name: pmtimesig
Value: [[1637545721637,0]]
data.ad-score.com/ Name: token
Value: HvtWIxUDibDWa-m108-sWQvzAcDuqoXf
.relap.io/ Name: lsts
Value: 1637545722
servicer.adskeeper.com/ Name: __mglb
Value: fc02a5af8306bee686576562f78e8f80
.adskeeper.com/ Name: muidn
Value: lalGKNHUx0Mh
www.newsx.icu/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1232513%22%3A%7B%22page%22%3A1%2C%22time%22%3A1637545722364%7D%2C%22C1235697%22%3A%7B%22page%22%3A1%2C%22time%22%3A1637545722757%7D%7D
.uuidksinc.net/ Name: KCMSINC
Value: 1669102647%2C1669102647%2C1669102647%2C1669102647%2C1669102647%2C1669102647%2C1669102647

15 Console Messages

Source Level URL
Text
javascript warning URL: https://www.newsx.icu/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://feignoccasionedmound.com/92a095c0d6de1b51d4758c4bf6ee3ca7/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.newsx.icu/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://feignoccasionedmound.com/92a095c0d6de1b51d4758c4bf6ee3ca7/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://feignoccasionedmound.com/92a095c0d6de1b51d4758c4bf6ee3ca7/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://tags.orquideassp.com/tag/7996
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://tags.orquideassp.com/tag/7996
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://tags.orquideassp.com/tag/7996
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://tags.orquideassp.com/tag/7996
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://tags.orquideassp.com/tag/7997
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://tags.orquideassp.com/tag/7997
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://tags.orquideassp.com/tag/8277
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://tags.orquideassp.com/tag/8277
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9464.MqJ15vtrfGHK0Wbp745M4G-nqCmJIPuuUYidV8x30BAQG_EjpdtawGj3jONkncLiNtVdB-fr7TjEQuRU1GKEwg%2C%2C.i_B2xMdaYpj8Aa_OwOHoyYF1kYM%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D619af6f8f0e01540ca2731ac%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D619af6f8f0e01540ca2731ac%2526dest%253D&webouid=OhEMQXyFnnP3v8TnUY5ZQe
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://fcgi.gnezdo.ru/cookie_matching_ssp/kadam/cLkVhHOOWa5W5U7uOEky
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://an.yandex.ru/setud/mts_banner/PzP2IkJXQISRIQM117Y3Mw?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D%252B5l1bN1DZR%252B3W%252B2PqLx75Q&sign=766958706
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007ff8f69a616407aa33022b39d2-sp.ops.beeline.ru
a.utraff.com
a4p.adpartner.pro
acint.net
ad.a-ads.com
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
ads.go2net.com.ua
adservice.google.com
adservice.google.de
adx.com.ru
an.yandex.ru
api.advarkads.com
c.adskeeper.com
cdn-rtb.sape.ru
cdn.adskeeper.co.uk
cdn.jsdelivr.net
cdnjs.cloudflare.com
cloudfastads.ru
cm.adskeeper.com
cm.g.doubleclick.net
cm.mgid.com
cm.p.altergeo.ru
data.ad-score.com
dm-eu.hybrid.ai
dm.hybrid.ai
dmg.digitaltarget.ru
dsp-trk.eskimi.com
exchange.buzzoola.com
fcgi.gnezdo.ru
fcgi4.gnezdo.ru
feignoccasionedmound.com
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbbond.com
img.adpartner.pro
js.ad-score.com
jsc.adskeeper.com
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mirtesen.ru
neon.today
news.mirtesen.ru
newsx.icu
pagead2.googlesyndication.com
partner.googleadservices.com
px.adhigh.net
recreativ.ru
redirect.frontend.weborama.fr
relap.io
s-img.adskeeper.com
s.adlane.info
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
servicer.adskeeper.com
sm.rtb.mts.ru
socpublic.com
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bidvol.com
ssp.otm-r.com
stat.adlabs.ru
stat.media
static.a-ads.com
static.olanola.com
static1.olanola.com
static3.olanola.com
static4.olanola.com
static5.olanola.com
static6.olanola.com
static7.olanola.com
static8.olanola.com
supertruco.com
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.mgid.com
sync.republer.com
sync3.adsniper.ru
t.trafmag.com
tag.digitaltarget.ru
tags.orquideassp.com
target.smi2.net
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
ut.rktch.com
uuidksinc.net
www.acint.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.newsx.icu
x01.aidata.io
104.18.17.65
104.19.134.80
104.19.136.78
109.248.237.36
130.211.115.4
136.243.35.166
136.243.84.75
138.201.139.144
138.201.55.242
138.201.65.74
138.201.71.94
142.250.184.226
142.250.186.98
146.0.227.107
146.59.43.196
148.251.156.238
157.90.6.176
159.69.59.100
185.148.37.79
185.15.175.145
185.15.175.146
185.98.54.153
188.34.131.132
192.0.78.146
192.243.59.12
193.200.65.5
193.232.148.142
194.190.117.94
195.201.243.72
195.209.108.47
213.87.44.187
217.65.2.150
217.66.147.169
217.69.133.145
23.105.236.220
23.111.109.220
2600:9000:2057:2800:2:e529:700:93a1
2600:9000:2057:4400:a:deb0:3380:93a1
2606:4700:10::6816:557
2606:4700:20::681a:cae
2606:4700:3030::6815:526e
2606:4700:3039::6815:c098
2606:4700::6810:135e
2606:4700::6810:5614
2a00:1148:db00::17
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a02:6b8::1:119
2a02:6b8::90
2a0c:5c81:5139::2
31.172.81.172
31.220.27.134
34.120.139.69
35.190.16.14
37.18.103.21
37.18.16.23
37.9.245.57
46.161.36.2
46.161.36.23
46.4.121.26
5.200.44.34
65.108.1.48
77.123.132.26
77.123.132.42
80.64.106.148
81.222.128.215
88.212.234.127
88.212.234.234
88.212.234.55
88.212.252.76
88.99.214.77
89.108.119.43
89.108.97.2
93.95.102.105
95.131.27.117
95.163.37.253
95.179.157.240
95.181.171.233
95.211.66.35
96.46.186.57
005dae70297e564c263b5ba0765ef45701a11dcc95c8b2f27b0859f8118cba5f
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
01be651da184255667a942e800a61f67bce61b9dc7fd563edce5c7fa07836c38
021bb0e966086476e9206afd56a6a6dbe204ef409ebac74d2ce7f4bc5a831c93
021bc9aecdd5cab356d5ae686a28d9d1e560504db4632027de72c662c89f96da
02a84e44034467efa47f571067805e4723261531e89e04092f9c74a339d50727
041350e04615e8c1e56147d5d19147e431f62af29edbcc518c9eec6630517762
0538f4cc6cdf2b191e18b14249f09e75effcf1d1e8cb7244b843b9c950e066e3
07e692f46f2ca24899dce0b43a08f10433aa72f5b5f24610e47fdc665c480878
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893
0cab8671024e27265f5d37739d64ccfd8417d3a1326cd85e578a2ca7280ecf0d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fcd80075e6c1a21fd16da66616be49cae9ca943249bae2ca10999b63e7e93bd
10724e2fbe2f76ba6e90bcfa974a14b87fbf7cc7cd75d1e932682ec8d87100b8
12154ae4f04266164ceeaf2ba970276422c0b602ed4953662b0fc29508d38816
12a76a984f44ebd136dba9b6a97048f72fdfafcd6c9808a3e4dc9f86fded57dc
13215235b2cb1408756d85724e8104bf1a6c76db5e7e62a1dd9a6a1c3ed34efa
14e9b2ce492e867ca2e096aec22097d1343363d5f923d9c772deb79112a80ee1
1728d6b4a772fe72fc793409179184932e1447abf80ca2ad32108713f1bad3cc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184f5dc42b062c53c5ed93a7bc7f7db35866380d1cb7bd2022e6a6c646e064e1
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1e8bf9aa1773fdb1f9de82eb315964bbe3db68070f41a126922c82bec50326d5
1effc97f7cbb4025bc485804bda05878cb67be6c6985817fe19c2b357dff9f87
2252f9f3f5b88272d4815d8cbed2057af184af16dd4ed38d64180241ae72961c
23f85d833afa834ef3bf6bbad174634bb0dec1e69c859ce032869cc4a7af2198
240397ef27dd8f6eb02914d099b454cc2ec862889ecf4a399d4fa22aafad6307
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25b53d19de644e8655381e74ee16804c3a92f8a7a86edd28872e9aa2c91a7c30
2680d234be786aed155d399b9084a346f17abf5a323ca7d64ff100dc31faddfc
26a37fcd1a2a29d07cfbd5ea93992879aabc59921bcd95fd962124a4fa576d29
27f1501e2d868b4e7ace1662c09de3e7f4dfbbe253706bf2bbba0a7b2054a6d0
28fc9d531af13630b17c084b1bb2b38fe8fbc6dfc3f66a589e9de50886a78237
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d8618e3d2de4948e82bbce7cd6e1cefb6d720a09adb2cae9ea3886785493a0e
2eb15f3d35f4869848afdbad2a2808b48e855def243b89f8c3b50ba8ecbedfc7
2eb3c6f7141618152e18ea9aa0065e841b51393c426c673ab4ba69aa948b8eff
303751be6c0e7976d38682558bdfa9b2abf0734c50f2f05f26825d11b1475097
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
382873874381a9138712c2cf69ee03f11b96009cae5fe33d2647c414e9712f6f
385fba270bb5fa0c166b64f7e2179e14439a26fcd2395446a86cbaf46961181d
388250ef019bb2e9368449425f7b78a75eb4da62c31173417ba245626e3d1add
3abf886195af09f97f816ac9271f388faa44cfd444f527bc679491127a85a1dd
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3c28cb372ad95cb73e4c210b79d05f0406c078b2f9bc3cb3dd288551f0fb99cd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4000cfa685a292e95e089011ffd189080fac6c7ae7c2af52869c7cae3109bf00
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44db80ad4df788f3b3849b6fd303123de07e3cea5f54c1e8ac1ef96d3433301d
45c00b6a5f381a06a09d69c736981c5520bafaa606c1461ad0e9a5ca49c92ed5
475f6332af202d6fc819ab45adeac42d26932fba1bf826fde56a4a13737289ee
4ad6d56c1ee3114713b879d7bcfe7e5fd275b5d4ef4c2a776308264fc751d4e1
4b209ef5e78bd0cf80ce9f268f22c09596fa55dc6e0b95efdb0b63745b093c1b
4b69d1d2a3191f06c8df876243d394c4423b913357d516141da2fa0218c41052
4efc7bae0f267c675c4cce712fd7b6dd7d69528899330340228259013376ba64
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fd9adb8b74f40d28fd222f1129386d70828709bb1089d1429f4fd21d1fe78f8
509fa01f9a262a267c6f9c5985eddc7e4c1b0f6df01c0d070bb4dc908b36ffe4
50e0afdeb9a45d9df775741a70aa98a4686d666f34f8419576bc325932bd60e4
50e0f121009581857e1b54f14dcb3d157d69ae517c20b3b4e19bebd79dc691cf
518a0e298f6b0b360bc3d06b66f9b44145811cf65fdf140945b9f66a8fefd135
539a5b7b15a9d612c2c793d16fc19562a92f666e509301ffb73dba07e2750336
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
5474487abcb7251ef753c652d51182796eb9f1af3794d3438a4b32e5fe1192c9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c8c3f75cbf30760416906555f30c2330fec688bf527a9d1dedb17fe289c184
551195386c720b27a05f0bc09a0cf7ad0a2f3dcf2c145b21173b7baf54a13712
5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341
5a0db6487c26e2c9948ed0b4439efc4ab46c30c2021b0b917fc3ffcef9f24a97
5abf7878a8d7993d3cefb8164048b890a12651cbf851891ed231d74449f229ce
5b56e6a96eb776c608ff9c5aece065d29ed0a63283cad08c212b5a1abff9bbad
5c1c97b67ccf1cb07f560b8612860ecd5c50cdaa81a19e6f700393de55e2a3b3
5c3d9b8c772a6884f1c071fdadfede84bdce6c2042ee3e481e756c37f3a1dc69
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f782c59c63deb946dba76d7564211bb6190b29eb4de0479085e98d57d7e70d0
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
612562d93ad789aff20493261d26c2966d01126ce7e36599c7adb0942ecd533d
6187bfcc95b12cc2aef4c444634e76d709bcf4caa8ae572ec9d1aa1b259f4b04
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
6206899e83cdd902d92a50b654ad187bd6f489f6635fe8e3e7f4005d4fb227d9
626ae755080c24e5455d73329e057796d862e4c47ad05404de8e5b6d04b8a594
6296329a64d9cd5df715d1ae39fc1c2f07ab9384e7374a3591fe4f4868637e1f
649dc7d7429f5a97f192e1fb5a20be15a4fedf7320553b10972bacda90d5a137
6559e391808f7a073776f24639be7668116abadb9035b571c79f43c8c6bed53f
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
661241ddacc59ad99482ffaf821daf5bd47ead675f4dc90be590c60f1e70fd3f
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6823dea10949344170cc602ab77daa8e267c3939427e6956318aa4cea3b5b36d
696847d4fee1e6e28b4687a7c113f1f20067af307bf90b491ac114f3b5bf2f44
69cf38a38da7ff69086c02743eaeec9c5301d7a9211668eb427183faf023492b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67
6b54b9d51b8e7575fc6ac2e2bfd7826e021c3385b15f6e07581d58234219a3ce
6da6a851817c55ca9dd7b00f9328af105181603a0219e68b9180f22f4f8d200f
714cb76ebd1753477da5958d10c8a19753b8ba0c730badc085523136d9070ce3
71c6c5283fde3416bd3d27bf476f33cccbcd3ce3968688506ca2c3b8195e2f4b
73842cebdeb43b5b1bdeb2ff4eae5512475a8cfb3f10e972097207968c74b395
74666ec5b340e0fe56a5f39ee6ca31e882ff19e52e39f667c420ce4df4a2a817
75370275ecdd0b31dce80103457f6a5145bbda6357b1cb385e4381a42863bf0b
758c961a878da919493a57c0d146f9c1fcfb3a59e4a8387f2d59e1eebbaa913e
7792ff39012a4f7110e0874f5e2ddf834300cd3e75d6c0ab60ea2047e0d003f5
77a804db001df9649e4748a6272ef96f514418ef1bfc01e6e1c6bd4ed4c9de56
79e8e3e25898e58911d788b263e8ee16a0c7db6a8dd5d6eed1b89f6eec83b391
7a0dc6cfd1a6197c5779698686fe44ae103f0cc3a63d55acb62922a0810478e2
7bed620eed510e3dfee02eeb0d3559a07ceb3ffe33e8a877a405c7d6e98fd08c
7c5b39b2d33a0a80552a73d5bf8a374e89d2b8c7193b136fdc9c780ef6330c3e
7fde2d53ca599aa172c5699f618c117af1747f3f38606888ef6b6a6cc67f4b90
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834b1142ec0d26fc2f5d5b5b56d71758f30c95627b5a6118da0a9a3539c2a155
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8603b249f5b523b6119a196ba450c8de524a4262cf1240063cf1608567fdbfc1
8a2933f61346292ceba9366bac962d6d1e3b7bfb6306f746a3035225a8ee587c
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8dd7c600f92a84eda40cccea0db8c481ee8b1b3f189bd84717f347fd4ae91c6f
8e3780f26fe34b124d4aa78b37789ab4a119eaad1784b8715c34ca3b2fc38b2e
8efadd3843810c14456eac0415ef569535e7a45b254073310b17d32dd16b04a5
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
8f247f6a47939a61e4cb8e6a5d6d28fc1d14c598bdb568a34f2f21d6653648b5
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
917b81a2558d11812dd8efd03f131c925e7142ee6d262c701c66c3f97450a491
92b62cd336887b0400f36d047244ba3ea7a54e4fc41fafbbc9a848b203438d67
9350c6ca375d3e7d5d8beadea42ca09797d95a5ddc7837360e26e27312821ddb
942227a320d4cd737b226ec3672fa4474d06129f1e509ae4b790cfb9c31d39ab
94e53ff9b480ff15138d7fcdd1538b78b9dc6e9ab5753d585f4c4a6b5764aa2b
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
98bbd812f17cff60e26c991966afddeb3e1b9267629b5ace1845822b506b9e6d
99715df61dad47b9a0b43683513bb80b3af3dc4662a136191bb30d9feb278dfe
9ac46a2fdf1098c76d478fab726c955adf174b277e92ad8e5aa632ff09f20493
a02ca886b4e9b5118fbd2814ab2dbcb2bd9421163f569d15138d78bfe7a0362c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a077a4b4c46911709c617fe14106774ce0b26c80243593d0bb4af72cbd11dbaf
a163abe2674350c1bfc7484f3508aad78dba67946f610363b48a0ba289fcc060
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c0f21ce4cdd7d2503269a02d68ba9085ec5be0769b951854ad8d1c11ac9ec3
a36cbcdd011df3a0e97f16407f14405172c0b33cef5bc0b89699df87c05250c1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
af0455753e2e27bb8f2cae8e8583d5f4f7d231614d1c3233e7529783b084dd1a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1dcc4be29c591cd9c70ddd1db3cbc916c29eef9e2aa7a458bfa3dda6bb7ee83
b3b7b37a3cbd6bb3b1134020e1444e0888cbcbf8698b56251334c7ef5f5b2969
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b51e7d599a10319d0ef5af15255e518b4b9451a07355ded452c786590fd045e6
b643d6a2edb0f9a8a075d3dced28a1bc022df36c576494052c1de6627c432d91
b69a7b627b5f84e41012d04185a53878295434d0d69acafc54c4d18cc68c4157
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c
bde433cd26474d8a5b0177e8e381fa0bd45705dac9373ad1b00d2485070277e8
befb968abb55913fb681f0b29f1f733c6e68af8741ed6c51d11ce3649e532164
bfae5dcf0d76e2f5f8b292525af32d74e7d02e7d9d35705cc381fa059fc1f662
c1ff5d38bb88893b6192f609890a4d5ac888d85d116e40e0f77b27512ec40b66
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5f4ecd81e538d156a54dd6465f7b9117fae39a7ef5a237db97e827bf51d997a
c5fbf3809ed1ab50c30ecc23c624baa3fff69c9719c79c923f0f4f5cff079f38
c87cd4624a12ffbe183030d53888a7bc88e46b8dcc08a856b064fa1093b82634
c9407c281dfa6fb3c755c9125a0298f974a92c43912ff642019ad550ea9cd24c
cb551c60ccc6d5a5c9967cc7dabeed653c58ae7783ba340f0d18bebc6c3c7e70
cb9dc389f8f137f6dc0208567b87a6c5dab1a4c68b138530b7fa2ab6d82227e9
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc573b6b158da1a2873b8d2c5947f2546d9efb2664f212eb904900dca61082b1
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cee34f1bf2477b1c4f7343eb48e7fc142bab20a6b1659fbc66c66e40ac00cf65
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf513e5ad100f99e23ed6194eb557a37302d5b8d3a0de03abf8d3bceb38affeb
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d76863ab257ee68fe803ac93880e3118adb4e9c59112a7f242ce81c1243bb52a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de059ee02a426fc1a6f24fb16c1b609f5f77de59469804ca319287d1615dad10
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
df5d737eb54936b7e366e737f4c0f2df5d5dce3048b82eea05104582fac1180d
e0b9766edbaf77c1dd162ad23a0da637514e17c6c805637755e74d0885b4524c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57047a863c5f849d506cac0f0d9dc38223623df9e76999be50ef3678bb345cc
e648d440cb4c221cf9482b75048a52af982a51d80e43629056be47b88237e945
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e7f983ddb5efb2673e542fe79bcf58641aee5b4a13b0902106d4a04b4cc776eb
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
eaed0d80d78c99467dddf29d878804cc23aa56ff42508c5c93293ffc6a27738d
ec6d0575130f58a6b63f1fd6654c1487aae416032a3d9e517e1ee42c4cad2ccc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5a0f4fa617d5d9940c099afe919047ba8e53e171df11a2dd7afd3e3eb53c230
f8c842da0ea207208a7a092e1a31245376371cd77038b649b689436bd60ab0ea
fc1a4b182b6bbeb31bbccbad515f0bad23d5b3176be97f1106672ba1222ace60
fef6b84b3053b45b1aef3045e40ca64766292bf939d4087b6f31748254c9806c