urlscan.io logo urlscan.io
SecurityTrails logo

newsmaker.md Open in urlscan Pro
104.22.9.68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://newsmaker.md/
Effective URL: https://newsmaker.md/
Submission: On September 29 via manual from JP — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 65 IPs in 11 countries across 53 domains to perform 324 HTTP transactions. The main IP is 104.22.9.68, located in and belongs to CLOUDFLARENET, US. The main domain is newsmaker.md.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2021. Valid for: a year.
This is the only time newsmaker.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 121 104.22.9.68 13335 (CLOUDFLAR...)
3 142.250.181.234 15169 (GOOGLE)
1 77.88.55.80 13238 (YANDEX)
1 104.21.7.243 13335 (CLOUDFLAR...)
5 104.18.226.52 13335 (CLOUDFLAR...)
1 104.16.95.65 13335 (CLOUDFLAR...)
4 185.60.216.19 32934 (FACEBOOK)
2 142.250.74.200 15169 (GOOGLE)
12 142.250.185.67 15169 (GOOGLE)
2 142.250.181.238 15169 (GOOGLE)
2 91.228.74.133 16509 (AMAZON-02)
1 13.225.87.6 16509 (AMAZON-02)
5 178.154.131.216 13238 (YANDEX)
7 93.158.134.90 13238 (YANDEX)
1 4 128.140.224.227 5606 (GTS-BACKB...)
10 142.250.185.206 15169 (GOOGLE)
3 185.60.216.35 32934 (FACEBOOK)
1 2.16.107.27 20940 (AKAMAI-ASN1)
2 93.158.134.158 13238 (YANDEX)
6 216.58.212.162 15169 (GOOGLE)
17 77.88.21.179 13238 (YANDEX)
2 86.105.81.36 8926 (MOLDTELEC...)
1 13.32.29.81 16509 (AMAZON-02)
1 13.224.193.121 16509 (AMAZON-02)
1 146.59.30.104 16276 (OVH)
1 173.194.76.155 15169 (GOOGLE)
1 13.224.193.12 16509 (AMAZON-02)
4 142.250.185.130 15169 (GOOGLE)
4 142.250.185.194 15169 (GOOGLE)
4 142.250.186.161 15169 (GOOGLE)
18 142.250.74.194 15169 (GOOGLE)
6 172.217.16.130 15169 (GOOGLE)
1 142.250.185.102 15169 (GOOGLE)
3 142.250.185.164 15169 (GOOGLE)
1 142.250.185.225 15169 (GOOGLE)
1 142.250.185.214 15169 (GOOGLE)
12 142.250.186.97 15169 (GOOGLE)
1 104.21.9.187 13335 (CLOUDFLAR...)
5 216.58.212.166 15169 (GOOGLE)
5 13 142.250.185.66 15169 (GOOGLE)
2 4 2.21.141.232 16625 (AKAMAI-AS)
2 3 37.252.172.250 29990 (ASN-APPNEX)
1 2.21.141.58 16625 (AKAMAI-AS)
1 136.243.15.236 24940 (HETZNER-AS)
1 78.47.15.207 24940 (HETZNER-AS)
8 144.76.184.162 24940 (HETZNER-AS)
2 3 34.98.64.218 15169 (GOOGLE)
2 104.90.104.248 16625 (AKAMAI-AS)
4 138.201.84.252 24940 (HETZNER-AS)
1 4 144.76.91.199 24940 (HETZNER-AS)
2 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 185.172.148.132 44239 (PROINITY ...)
2 46.236.13.147 24931 (DEDIPOWER)
1 2 142.250.185.134 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
1 54.76.176.197 16509 (AMAZON-02)
1 104.111.239.217 16625 (AKAMAI-AS)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 1 169.50.137.190 36351 (SOFTLAYER)
1 13.248.242.197 16509 (AMAZON-02)
1 72.251.244.141 29791 (VOXEL-DOT...)
1 1 31.172.81.160 44066 (DE-FIRSTC...)
1 54.77.232.22 16509 (AMAZON-02)
1 143.204.209.2 16509 (AMAZON-02)
1 151.101.2.137 54113 (FASTLY)
1 185.221.87.248 206998 (NEW-2)
1 104.18.225.52 13335 (CLOUDFLAR...)
2 54.75.239.54 16509 (AMAZON-02)
324 65
121    104.22.9.68 (None, )

ASN13335 (CLOUDFLARENET, US)
newsmaker.md
3    142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net
fonts.googleapis.com
1    77.88.55.80 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: yandex.ru
yandex.ru
1    104.21.7.243 (None, )

ASN13335 (CLOUDFLARENET, US)
dsail-tech.com
5    104.18.226.52 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
1    104.16.95.65 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
4    185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
connect.facebook.net
2    142.250.74.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net
www.googletagmanager.com
12    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
fonts.gstatic.com
2    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.google-analytics.com
2    91.228.74.133 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    13.225.87.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-6.fra2.r.cloudfront.net
static.hotjar.com
5    178.154.131.216 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net
yastatic.net
7    93.158.134.90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
4    128.140.224.227 (Romania)

ASN5606 (GTS-BACKBONE GTS Telecom, RO)
gamd.hit.gemius.pl
10    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
www.youtube.com
3    185.60.216.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com
www.facebook.com
1    2.16.107.27 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-27.deploy.static.akamaitechnologies.com
code.createjs.com
2    93.158.134.158 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: s3.yandex.net
banners.adfox.ru
6    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
www.googletagservices.com
17    77.88.21.179 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net
ads.adfox.ru
2    86.105.81.36 (Briceni, Moldova)

ASN8926 (MOLDTELECOM-AS Moldtelecom Autonomous System, MD)
PTR: www.rtr.md
rtr.md
1    13.32.29.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-81.fra56.r.cloudfront.net
rules.quantcount.com
1    13.224.193.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-121.fra2.r.cloudfront.net
script.hotjar.com
1    146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu
ls.hit.gemius.pl
1    173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net
stats.g.doubleclick.net
1    13.224.193.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-12.fra2.r.cloudfront.net
vars.hotjar.com
4    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
4    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
adservice.google.de
adservice.google.com
4    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
18    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
pagead2.googlesyndication.com
6    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
googleads.g.doubleclick.net
adservice.google.de
1    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
static.doubleclick.net
3    142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com
1    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
yt3.ggpht.com
1    142.250.185.214 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f22.1e100.net
i.ytimg.com
12    142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net
tpc.googlesyndication.com
1    104.21.9.187 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.plyr.io
5    216.58.212.166 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net
s0.2mdn.net
13    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
4    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    2.21.141.58 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-58.deploy.static.akamaitechnologies.com
s79.mxcdn.net
1    136.243.15.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h339.meetrics.de
stat.meetrics.net
1    78.47.15.207 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h549.meetrics.de
s79.research.de.com
8    144.76.184.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h359.meetrics.de
b181.s79.research.de.com
3    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.90.104.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-248.deploy.static.akamaitechnologies.com
sync.teads.tv
4    138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de
hal9000.redintelligence.net
4    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal900018.redintelligence.net
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Schwaig, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
1    185.172.148.132 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
2    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
5994599.fls.doubleclick.net
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
1    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    72.251.244.141 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
tracking.m6r.eu
1    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.sniperlog.ru
1    54.77.232.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-232-22.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    143.204.209.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-2.fra53.r.cloudfront.net
analytics.webgains.io
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    185.221.87.248 (Ireland)

ASN206998 (NEW-2, IE)
bam.eu01.nr-data.net
1    104.18.225.52 (None, )

ASN13335 (CLOUDFLARENET, US)
onesignal.com
2    54.75.239.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
121 newsmaker.md
newsmaker.md
2 MB
34 googlesyndication.com
fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
189 KB
26 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
5994599.fls.doubleclick.net
299 KB
19 adfox.ru
banners.adfox.ru
ads.adfox.ru
75 KB
12 gstatic.com
fonts.gstatic.com
149 KB
10 youtube.com
www.youtube.com
697 KB
9 de.com
s79.research.de.com
b181.s79.research.de.com
3 KB
8 redintelligence.net
hal9000.redintelligence.net
hal900018.redintelligence.net
58 KB
8 yandex.ru
yandex.ru
an.yandex.ru
96 KB
6 google.com
adservice.google.com
www.google.com
15 KB
6 googletagservices.com
www.googletagservices.com
178 KB
6 onesignal.com
cdn.onesignal.com
onesignal.com
img.onesignal.com
88 KB
5 2mdn.net
s0.2mdn.net
67 KB
5 gemius.pl
gamd.hit.gemius.pl
ls.hit.gemius.pl
15 KB
5 yastatic.net
yastatic.net
335 KB
4 casalemedia.com
dsum-sec.casalemedia.com
4 KB
4 facebook.net
connect.facebook.net
247 KB
3 webgains.io
analytics.webgains.io
api.webgains.io
51 KB
3 medialead.de
pv.medialead.de
medialead.de
2 KB
3 openx.net
us-u.openx.net
829 B
3 adnxs.com
ib.adnxs.com
3 KB
3 facebook.com
www.facebook.com
419 B
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
63 KB
3 googleapis.com
fonts.googleapis.com
2 KB
2 webgains.com
track.webgains.com
2 KB
2 teads.tv
sync.teads.tv
344 B
2 google.de
adservice.google.de
975 B
2 rtr.md
rtr.md
328 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 googletagmanager.com
www.googletagmanager.com
88 KB
1 nr-data.net
bam.eu01.nr-data.net
959 B
1 newrelic.com
js-agent.newrelic.com
12 KB
1 yieldmo.com
ads.yieldmo.com
35 B
1 sniperlog.ru
sync3.sniperlog.ru
679 B
1 m6r.eu
tracking.m6r.eu
1 adsrvr.org
match.adsrvr.org
265 B
1 simpli.fi
um.simpli.fi
715 B
1 mathtag.com
sync.mathtag.com
832 B
1 awin1.com
www.awin1.com
702 B
1 ad-server.eu
ad-server.eu
312 B
1 office-partner.de
adv.office-partner.de
1 KB
1 media01.eu
pb.media01.eu
629 B
1 meetrics.net
stat.meetrics.net
351 B
1 mxcdn.net
s79.mxcdn.net
57 KB
1 plyr.io
cdn.plyr.io
2 KB
1 ytimg.com
i.ytimg.com
109 KB
1 ggpht.com
yt3.ggpht.com
3 KB
1 quantcount.com
rules.quantcount.com
1 KB
1 createjs.com
code.createjs.com
63 KB
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
1 dsail-tech.com
dsail-tech.com
539 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
324 53
Domain Requested by
121 newsmaker.md 1 redirects newsmaker.md
static.cloudflareinsights.com
18 pagead2.googlesyndication.com securepubads.g.doubleclick.net
fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
googleads.g.doubleclick.net
1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
newsmaker.md
tpc.googlesyndication.com
17 ads.adfox.ru newsmaker.md
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
tpc.googlesyndication.com
1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
12 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
11 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
10 www.youtube.com newsmaker.md
www.youtube.com
8 b181.s79.research.de.com fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
newsmaker.md
7 an.yandex.ru yandex.ru
6 www.googletagservices.com yandex.ru
securepubads.g.doubleclick.net
fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
5 s0.2mdn.net newsmaker.md
s0.2mdn.net
5 googleads.g.doubleclick.net www.youtube.com
fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
newsmaker.md
1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
5 yastatic.net yandex.ru
4 hal900018.redintelligence.net 1 redirects 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
hal900018.redintelligence.net
4 hal9000.redintelligence.net 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
hal900018.redintelligence.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
4 gamd.hit.gemius.pl 1 redirects newsmaker.md
gamd.hit.gemius.pl
4 connect.facebook.net newsmaker.md
connect.facebook.net
3 us-u.openx.net 2 redirects googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.google.com www.youtube.com
tpc.googlesyndication.com
3 adservice.google.com securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
3 onesignal.com cdn.onesignal.com
3 www.facebook.com newsmaker.md
3 fonts.googleapis.com newsmaker.md
hal900018.redintelligence.net
2 api.webgains.io analytics.webgains.io
2 5994599.fls.doubleclick.net 1 redirects newsmaker.md
2 track.webgains.com newsmaker.md
1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
2 pv.medialead.de 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net newsmaker.md
2 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 rtr.md newsmaker.md
2 banners.adfox.ru yandex.ru
newsmaker.md
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com newsmaker.md
adv.office-partner.de
2 cdn.onesignal.com newsmaker.md
cdn.onesignal.com
1 img.onesignal.com
1 bam.eu01.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com newsmaker.md
1 analytics.webgains.io track.webgains.com
1 ads.yieldmo.com 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
1 sync3.sniperlog.ru 1 redirects
1 tracking.m6r.eu 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
1 match.adsrvr.org 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 sync.mathtag.com 1 redirects
1 www.awin1.com 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
1 ad-server.eu 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
1 medialead.de 1 redirects
1 adv.office-partner.de hal900018.redintelligence.net
1 pb.media01.eu hal900018.redintelligence.net
1 s79.research.de.com s79.mxcdn.net
1 stat.meetrics.net s79.mxcdn.net
1 s79.mxcdn.net s0.2mdn.net
1 cdn.plyr.io newsmaker.md
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 pixel.quantserve.com newsmaker.md
1 vars.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ls.hit.gemius.pl gamd.hit.gemius.pl
1 script.hotjar.com static.hotjar.com
1 rules.quantcount.com secure.quantserve.com
1 code.createjs.com yandex.ru
1 static.hotjar.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 static.cloudflareinsights.com newsmaker.md
1 dsail-tech.com newsmaker.md
1 yandex.ru newsmaker.md
0 google2waycm.netmng.com Failed 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
324 75

This site contains links to these domains. Also see Links.

Domain
www.fb.com
twitter.com
www.instagram.com
www.youtube.com
t.me
ads.adfox.ru
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-13 -
2022-07-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
yandex.ru
Yandex CA		 2021-08-30 -
2022-02-28		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.yastatic.net
Yandex CA		 2021-08-18 -
2022-02-16		 6 months crt.sh
bs.yandex.ru
Yandex CA		 2021-05-31 -
2021-11-29		 6 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
s3.yandex.net
Yandex CA		 2021-08-31 -
2022-03-01		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.adfox.ru
Yandex CA		 2021-07-27 -
2022-01-06		 5 months crt.sh
rtr.md
Sectigo RSA Domain Validation Secure Server CA		 2019-10-24 -
2021-10-23		 2 years crt.sh
*.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.mxcdn.net
DigiCert SHA2 Secure Server CA		 2020-12-07 -
2021-12-14		 a year crt.sh
meetrics.net
R3		 2021-09-22 -
2021-12-21		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
redintelligence.net
R3		 2021-08-20 -
2021-11-18		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
adv.office-partner.de
R3		 2021-09-08 -
2021-12-07		 3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
ad-server.eu
R3		 2021-08-17 -
2021-11-15		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
m6r.eu
R3		 2021-09-27 -
2021-12-26		 3 months crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.newrelic.com
R3		 2021-09-17 -
2021-12-16		 3 months crt.sh
*.eu01.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-24 -
2022-06-24		 a year crt.sh

This page contains 26 frames:

Primary Page: https://newsmaker.md/
Frame ID: 41130927A511C38767E33743197E9193
Requests: 196 HTTP requests in this frame

Frame: https://code.createjs.com/1.0.0/createjs.min.js
Frame ID: 26ECD45959482A241F464F1475DCB115
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: D67A011AB2BC522B3C0A128AAB708A32
Requests: 9 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: F2393E4DAC57B1D47D994C7F321C2EDC
Requests: 9 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: C8AFFDFFCB105076A7C2B93AE645127A
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: D0DC8197CED4329361B552F7BEC86675
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
Frame ID: 5CCE155544313314A6A96BAEEBBB426F
Requests: 16 HTTP requests in this frame

Frame: https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7D9F83B5F715F5A2FA59496C9774DFE4
Requests: 1 HTTP requests in this frame

Frame: https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3D0448E5BA2C30BB2648B7E2F3E800B6
Requests: 24 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3240EBF157869356639B89FBA45C3B01
Requests: 1 HTTP requests in this frame

Frame: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 957C7F36A0179E94637E98ECE75C24E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiUrLazATAB&v=APEucNU4TMMV20LWzSLsURywvcExr86AueF4JI4hJEcBnzoHphALS-3x6cNgNTh1ExFHx1HHA4-gbKtnRNI98esQb_J0XxeLetwoy-NasB5T0kCD3HR-GuxGcCPabQrCTcVJpSj9VYenzlbsv2kH2jn2SWpHZa4lr0lNLN3CNfKzPPkW9s9WwLTc4pY2Qx23DNMSAkxdCyzarBJQh64JPpDUa5s9-eynLg
Frame ID: 21C36CBDA81B2552934CB56856F3C782
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D85EA4B157B77BEDC62E503B351794DA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7021BFE4AEF5173AD3E640071950A13C
Requests: 2 HTTP requests in this frame

Frame: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C448794BEB5639DE7EC7DBCBD1197650
Requests: 17 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/index.html
Frame ID: B55FF0E1232F6A0BBD932B798017ACC9
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXf4QMIbP4aKHbYu3coZ-ZQup-VjwCk4-xGx7Qx2YB3gKn2qenQW3J5hpSmPbyVd_wDxFyuDNGA6kq98MCxHYpOY4ReSGVOGiTkU2WyArMD-FyS65UuNbJZbLreJUue2cdcOpSE6_sAsVTQZCxsPbLLj8Bxp_oKuL8GQ8FfLjZVPmUQXoP7it6LWH62HYSKGXCjr1YNAZ9Qz8_clhQksI_40F4QLQ
Frame ID: 01FAD86C1E46D40B4F41752B574737AA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F09FF68120BE574FD8728CA490FE4C26
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 560F4EC890E3871C8077F797E5911F82
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 53E92C85ABAC64CFC3DA29F593897590
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 647CB5F091B2373657BB250FD0534856
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99571300197987300710612011732018&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: F2B9E839CF05192AFC9674B6F2E256F9
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: CCE71A6F59A80F30B1AC78C77B5411CE
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=COPsk_3wpPMCFewC0wod_r8Nrg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7959693641859.052
Frame ID: 5F558FC59EE56A4B204C2B0485B74466
Requests: 2 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=99571300197987300710612011732018&a=6ef51398
Frame ID: 3D91FDC9A8E4FEAD50CAD28841E2510F
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1CBD5D8E77363950821CC290B0C7E901
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cамые важные новости Молдовы и мира - NewsMaker

Page URL History Show full URLs

  1. http://newsmaker.md/ HTTP 301
    https://newsmaker.md/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

324
Requests

100 %
HTTPS

0 %
IPv6

53
Domains

75
Subdomains

65
IPs

11
Countries

5993 kB
Transfer

13909 kB
Size

37
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://newsmaker.md/ HTTP 301
    https://newsmaker.md/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 188
  • https://gamd.hit.gemius.pl/_1632942530679/rexdot.js?l=100&id=ndzrEfcX7.nQvebCdkDwDre_.KlkCdh.uD5ake8MBq3.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnewsmaker.md%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=728&lsdata=41InAjeJGKDN5bqoAstR.wPFI49y_m26b.J4QVWF8_H.Q7fNUC6tdkMk9Rg2PGBkCa9qvRBdf29RDrsdrNE8pfbjmix1/p0c2t0_UR.zcL/&fpdata=knzKkXSkdoB8BPPN7ZVURJFqh4NuB56ciCB6eJu48XP.l7&vis=1&fpcap= HTTP 301
  • https://gamd.hit.gemius.pl/__/_1632942530679/rexdot.js?l=100&id=ndzrEfcX7.nQvebCdkDwDre_.KlkCdh.uD5ake8MBq3.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnewsmaker.md%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=728&lsdata=41InAjeJGKDN5bqoAstR.wPFI49y_m26b.J4QVWF8_H.Q7fNUC6tdkMk9Rg2PGBkCa9qvRBdf29RDrsdrNE8pfbjmix1/p0c2t0_UR.zcL/&fpdata=knzKkXSkdoB8BPPN7ZVURJFqh4NuB56ciCB6eJu48XP.l7&vis=1&fpcap=
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnclswFJDhDHYPAUvUk6J0&google_cver=1
Request Chain 234
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVS5xF7nM92GLCftFzEfYQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnclswFJDhDHYPAUvUk6J0&google_cver=1
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPxwdFCAq79DCA3bj_-LygQ&google_cver=1
Request Chain 236
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM5OTYxMTYxMzgyMjQ0NjYxNg%3D%3D
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFnLXiqU0QrUTgPQyLwtQGA&google_cver=1
Request Chain 264
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDczMzZlOTYtZmU5Yy0yMWNhLWNiN2UtZDU5M2VjNjc4OTg1
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEqFfKvInaBc-VU8CRrX8Os&google_cver=1
Request Chain 274
  • https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=c42a4e7b79&subid=&uid=11f4959f7e6a8ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuy6hxLlUYZ7_As6c-gbSiY6gB7XN-YNX_Ni5q-UM8C4QASCxk-15YJUCyAEJqQJRsKvVDnyzPqgDAaoE9QFP0EODDW7f6IWh7x136CRib-ZUsd6rHuvdtCIXmYFwTJuFkgT_WiQ4T67CrdpAfct73-VoAn09pl3SPBy1XH6YDw4ley9aIHwJtq6-EbV9SuwRrH2T19-XinfgeflBkps6dMr24Av0mGZoTWCpUeohTKM87FRtVlSS7aUMBg3qiN_zp1i6B_L5SBiZaQEUEu_bzUuG29ypyjWfmSeDHXUPEhKfWYVDwbAP__xPObjlzeG84hzqokSHvydYRNnwQ7noZRWRsEV0BbRTGHNfLDANQl5c2k3dT_ce6z1AeOuY_-R-YVbRwS5237VERVOBDigP6YZ0O8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTI4MDc1OTM3MTgzNjYzNzSACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLn1gsBEqREKQYAi1Votkbw%26sig%3DAOD64_1ApJPY_ArA6lcUdtyNaqpcuFCuoQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-DLzdcSFU5EFqJXHbXG3mXwvlFs1IH1tqUq6WtjTMdqxa68UruVSxtgb8ED1PUFTuzccUMwHbJkKXNTjb1MNrJs20O7DPc2wQ1aMBg-hDYCHd1IazYyQ6X5NJ0JdXWN9vOUo71Z5F3MK6HC5O7kJ43fv3O1DQ%26cry%3D1%26dbm_d%3DAKAmf-BfWDwW_GxHP8-85n-gCy0DVJFXTfERkcUIesHezJ-aEDwjCKTlzL9_e9wJfYlUg_GgrnyjjRGwkrz1fcWdxzzEKgVBqYMipI-4PlUBJlZogpVAqzfAX0ejsoC9-EHwBgDbLjdk-SD1uKkkGYabnQM0ymR8mruW_SyzJAla6thBEM327mmzlyPtXOo_iMQ51SuiCviu6_h93EX5RdOvc1YDsHWJNz6LExcBDTRZGh8q7lQ9eoNMBtfktuHj8rzfg77UjRu5rI-bPm-fWBfyyBhtv-aJIlVFugkYU5O3ayw8rJ3s0pO8zIJJrf3RuUZVZsdp45Kyh9bvZWdIzn1Ctn1kUvk9kkGUeJPUadMR1zICWtZCSVSpYG5NAVrkVrIFf4mxOgVUBdTf4qXLLdw9Fo0GN5BvIapnLBhpBLQzm4QXL7nOBKfg1lTXcrMHY1nhPuXYBqDp%26adurl%3D&documentReferer=https%3A%2F%2Fnewsmaker.md%2F&ancestorOrigins=https%3A%2F%2Fnewsmaker.md%2Chttps%3A%2F%2Fnewsmaker.md&random=4828386229744&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=c42a4e7b79&subid=&uid=11f4959f7e6a8ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuy6hxLlUYZ7_As6c-gbSiY6gB7XN-YNX_Ni5q-UM8C4QASCxk-15YJUCyAEJqQJRsKvVDnyzPqgDAaoE9QFP0EODDW7f6IWh7x136CRib-ZUsd6rHuvdtCIXmYFwTJuFkgT_WiQ4T67CrdpAfct73-VoAn09pl3SPBy1XH6YDw4ley9aIHwJtq6-EbV9SuwRrH2T19-XinfgeflBkps6dMr24Av0mGZoTWCpUeohTKM87FRtVlSS7aUMBg3qiN_zp1i6B_L5SBiZaQEUEu_bzUuG29ypyjWfmSeDHXUPEhKfWYVDwbAP__xPObjlzeG84hzqokSHvydYRNnwQ7noZRWRsEV0BbRTGHNfLDANQl5c2k3dT_ce6z1AeOuY_-R-YVbRwS5237VERVOBDigP6YZ0O8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTI4MDc1OTM3MTgzNjYzNzSACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLn1gsBEqREKQYAi1Votkbw%26sig%3DAOD64_1ApJPY_ArA6lcUdtyNaqpcuFCuoQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-DLzdcSFU5EFqJXHbXG3mXwvlFs1IH1tqUq6WtjTMdqxa68UruVSxtgb8ED1PUFTuzccUMwHbJkKXNTjb1MNrJs20O7DPc2wQ1aMBg-hDYCHd1IazYyQ6X5NJ0JdXWN9vOUo71Z5F3MK6HC5O7kJ43fv3O1DQ%26cry%3D1%26dbm_d%3DAKAmf-BfWDwW_GxHP8-85n-gCy0DVJFXTfERkcUIesHezJ-aEDwjCKTlzL9_e9wJfYlUg_GgrnyjjRGwkrz1fcWdxzzEKgVBqYMipI-4PlUBJlZogpVAqzfAX0ejsoC9-EHwBgDbLjdk-SD1uKkkGYabnQM0ymR8mruW_SyzJAla6thBEM327mmzlyPtXOo_iMQ51SuiCviu6_h93EX5RdOvc1YDsHWJNz6LExcBDTRZGh8q7lQ9eoNMBtfktuHj8rzfg77UjRu5rI-bPm-fWBfyyBhtv-aJIlVFugkYU5O3ayw8rJ3s0pO8zIJJrf3RuUZVZsdp45Kyh9bvZWdIzn1Ctn1kUvk9kkGUeJPUadMR1zICWtZCSVSpYG5NAVrkVrIFf4mxOgVUBdTf4qXLLdw9Fo0GN5BvIapnLBhpBLQzm4QXL7nOBKfg1lTXcrMHY1nhPuXYBqDp%26adurl%3D&documentReferer=https%3A%2F%2Fnewsmaker.md%2F&ancestorOrigins=https%3A%2F%2Fnewsmaker.md%2Chttps%3A%2F%2Fnewsmaker.md&random=4828386229744&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 278
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=99571300197987300710612011732018&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99571300197987300710612011732018&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 281
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7959693641859.052 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COPsk_3wpPMCFewC0wod_r8Nrg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7959693641859.052
Request Chain 283
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=99571300197987300710612011732018 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=99571300197987300710612011732018 HTTP 301
  • https://ad-server.eu/wm/pb/native.png
Request Chain 293
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKgXmtq-47mS4mqKHRI9vwU&google_cver=1&google_push=AYg5qPLNDZIMAizJbpciXNnWP40ZNDrzJwEFgXDzec1L2hTIHe-jd3DKCgLI5eqBG7TDybsWgE3CFIQPLkq8iedfrCTu-Ub9H1ewtw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLNDZIMAizJbpciXNnWP40ZNDrzJwEFgXDzec1L2hTIHe-jd3DKCgLI5eqBG7TDybsWgE3CFIQPLkq8iedfrCTu-Ub9H1ewtw
Request Chain 294
  • https://um.simpli.fi/gp_match?google_gid=CAESECgzbVUXH7nSMGwZN7LUPxo&google_cver=1&google_push=AYg5qPJj2yTzB4ALaWdo1Wny0YShtfTSd1eraCQkTQZdvH2zACkJb_sn6kSXboXV4-ZEaURYIHLfx9icfmlNZn7ArH4wkwCRLiZW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5F5E7DB5E8964A74B5B105DDFC1B03F9&google_push=AYg5qPJj2yTzB4ALaWdo1Wny0YShtfTSd1eraCQkTQZdvH2zACkJb_sn6kSXboXV4-ZEaURYIHLfx9icfmlNZn7ArH4wkwCRLiZW
Request Chain 297
  • https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEKOmtPk5mQD64RWRvdbVN3k&google_cver=1&google_push=AYg5qPL_QTDBqQYs2gWTka59nJ2_GdiTITwmwA12QVa_RdaDAWWUpWETxL-sXXO-p2n8F0u9MyhoQgB1wSVYx5o54S8Us8snQdlZkA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPL_QTDBqQYs2gWTka59nJ2_GdiTITwmwA12QVa_RdaDAWWUpWETxL-sXXO-p2n8F0u9MyhoQgB1wSVYx5o54S8Us8snQdlZkA

324 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newsmaker.md/
Redirect Chain
  • http://newsmaker.md/
  • https://newsmaker.md/
286 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d92f3cd5f8a197458b78005ac19d846c99dfbd62b749e191d247ca8b7ca2e817
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:method
GET
:authority
newsmaker.md
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-type
text/html; charset=UTF-8
link
<https://newsmaker.md/wp-json/>; rel="https://api.w.org/" <https://newsmaker.md/wp-json/wp/v2/pages/409>; rel="alternate"; type="application/json" <https://newsmaker.md/>; rel=shortlink
vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-litespeed-cache
hit
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
server
cloudflare
cf-ray
696780940cd042c9-FRA
content-encoding
br

Redirect headers

Date
Wed, 29 Sep 2021 19:08:48 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 29 Sep 2021 20:08:48 GMT
Location
https://newsmaker.md/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
69678093ca9b5c14-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:200,300,400,500,600,700,800,900&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext&display=swap
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
f1882c762bf492837eea6aa2758ab13645e3a29e02bfa1b0aa40ae38f9815d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 19:02:12 GMT
server
ESF
date
Wed, 29 Sep 2021 19:08:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Sep 2021 19:08:48 GMT
css
fonts.googleapis.com/ 		7 KB
780 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,400,500,600,700,800,900&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext&display=swap
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
f454fde17fa6bf2c65d4cf5f445bf90ff15a7c3c65c21483d1901c53071d59e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 19:08:48 GMT
server
ESF
date
Wed, 29 Sep 2021 19:08:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Sep 2021 19:08:48 GMT
yop-poll-public-6.3.1.css
newsmaker.md/wp-content/plugins/yop-poll/public/assets/css/ 		155 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/plugins/yop-poll/public/assets/css/yop-poll-public-6.3.1.css
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b364434612afdae293afa0b297fee8c6f414d51580918e3380fcdf26ed652149
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/plugins/yop-poll/public/assets/css/yop-poll-public-6.3.1.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
78891
cf-polished
origSize=159391
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 28 Sep 2021 21:13:52 GMT
server
cloudflare
etag
W/"26e9f-61538590-5ab256;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
text/css
expires
Tue, 05 Oct 2021 21:13:57 GMT
cache-control
public, max-age=604800
cf-ray
696780946def42c9-FRA
cf-bgj
minify
form-themes.css
newsmaker.md/wp-content/plugins/mailchimp-for-wp/assets/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e6e7e707a1c7384b623b2bc5120e04e0cf1bf002db7fc39dc86e02e7346e3d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
46
cf-polished
origSize=6836
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 26 Jun 2021 20:12:29 GMT
server
cloudflare
etag
W/"1ab4-60d78a2d-3b00b4;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
text/css
expires
Tue, 05 Oct 2021 07:02:05 GMT
cache-control
public, max-age=604800
cf-ray
696780946df042c9-FRA
cf-bgj
minify
evo-core.css
newsmaker.md/wp-content/themes/evonews/includes/assets/css/ 		181 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/css/evo-core.css
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3930ccca849a4701b1ef1f50234cc1c45f87386293696a447fa6050e596f0ea5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/css/evo-core.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
48
cf-polished
status=cannot_optimize
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
etag
W/"2d373-5e212590-6400a1;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
text/css
expires
Tue, 05 Oct 2021 07:02:06 GMT
cache-control
public, max-age=604800
cf-ray
696780946df242c9-FRA
cf-bgj
minify
style.css
newsmaker.md/wp-content/themes/evonews-child/ 		30 B
178 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews-child/style.css
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef4ec5b374f8f0ef4bd2a2a4e30281a0f818f4dab094a10404af0b1008abd415
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews-child/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
46
cf-polished
origSize=707
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30
last-modified
Wed, 12 Aug 2020 00:45:36 GMT
server
cloudflare
etag
"2c3-5f333bb0-5907cd;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
text/css
expires
Tue, 05 Oct 2021 07:02:06 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780946df542c9-FRA
cf-bgj
minify
css-settings.css
newsmaker.md/wp-content/themes/evonews/includes/assets/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/css/css-settings.css
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3b005fe8dbea798d126a6bae46550e82f9ea942322f265459ffbe118af318f7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/css/css-settings.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
46
cf-polished
origSize=15314
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
etag
W/"3bd2-5e212590-64009e;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
text/css
expires
Tue, 05 Oct 2021 07:02:06 GMT
cache-control
public, max-age=604800
cf-ray
696780946df742c9-FRA
cf-bgj
minify
js_composer.min.css
newsmaker.md/wp-content/plugins/js_composer/assets/css/ 		474 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/plugins/js_composer/assets/css/js_composer.min.css
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f59fc654b5a739d372c1f6954a666d6518236ac67134523277a5548ec40ad0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/plugins/js_composer/assets/css/js_composer.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Aug 2020 00:50:49 GMT
server
cloudflare
age
6034
etag
W/"76726-5f333ce9-5c0092;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
696780946df942c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:06 GMT
custom.css
newsmaker.md/wp-content/uploads/js_composer/ 		104 B
273 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/uploads/js_composer/custom.css
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77605ce37726862fd599ea12f11268092cb76e519655cd1ad96fbfb77a442aff
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/js_composer/custom.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
46
cf-polished
origSize=127
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 12 Aug 2020 00:50:52 GMT
server
cloudflare
etag
W/"7f-5f333cec-180001;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
text/css
expires
Tue, 05 Oct 2021 07:02:07 GMT
cache-control
public, max-age=604800
cf-ray
696780946dfc42c9-FRA
cf-bgj
minify
zH-OZWuXqPtD7EmIEgbZWtq4FTA.js
newsmaker.md/cdn-cgi/apps/head/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/cdn-cgi/apps/head/zH-OZWuXqPtD7EmIEgbZWtq4FTA.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51cb909b98efa0eadc7028440e93823cf37ce09f2bed4f0d5853910adb8f7564
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/cdn-cgi/apps/head/zH-OZWuXqPtD7EmIEgbZWtq4FTA.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
797144
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
KANN0TT610894M9P
x-amz-id-2
Y0jolQpH9VQ4tFdiA6mLO/LgpltVL2+7hmqDBLrxbSdlPOl91/cSkWRyzUVMaOUvJW1jKFFrSpc=
last-modified
Fri, 11 Jun 2021 22:29:51 GMT
server
cloudflare
etag
W/"67c93bcd59b1f2651a82cb5e78ad3067"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
n5e2Ft.fWM_3t8GF8AdMkiNlPGfwcZgi
cf-ray
696780947e0742c9-FRA
css_async.min.js
newsmaker.md/wp-content/plugins/litespeed-cache/assets/js/ 		1 KB
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/plugins/litespeed-cache/assets/js/css_async.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/plugins/litespeed-cache/assets/js/css_async.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Sep 2021 11:28:17 GMT
server
cloudflare
age
4577
etag
W/"549-61505951-5a9d33;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
696780947e0942c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
jquery.min.js
newsmaker.md/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-includes/js/jquery/jquery.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-includes/js/jquery/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Jul 2021 23:23:41 GMT
server
cloudflare
age
48
etag
W/"15db1-6101e6fd-192348;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
696780947e0a42c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
jquery-migrate.min.js
newsmaker.md/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2020 23:30:03 GMT
server
cloudflare
age
46
etag
W/"2bd8-5fd15dfb-1902f6;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
696780947e0b42c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
yop-poll-public-6.3.1.min.js
newsmaker.md/wp-content/plugins/yop-poll/public/assets/js/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/plugins/yop-poll/public/assets/js/yop-poll-public-6.3.1.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
367e90ba0364aed9878db2a492f38c9d0d20f4a446f4e4848abf38b099ffa950
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/plugins/yop-poll/public/assets/js/yop-poll-public-6.3.1.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 21:13:52 GMT
server
cloudflare
age
78891
etag
W/"b3a9-61538590-5ad950;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
696780947e0c42c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 21:13:57 GMT
context.js
yandex.ru/ads/system/ 		300 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.80 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
6aa387ac924286fc5728aba699f690ef3d1934382210a4cfd23f33e9904a31bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag
90629748
x-yandex-req-id
1632942528904779-6792000267418971570-man1-0313-man-l7-balancer-8080-BAL-8011
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 29 Sep 2021 20:08:48 GMT
logo.png
newsmaker.md/wp-content/uploads/2019/01/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/01/logo.png
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf6f40a49440fa0927abc940e074b0d82d937db507b67a17bbbca9357515174
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/01/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept
cf-cache-status
HIT
age
4479
cf-polished
origFmt=png, origSize=6002
content-disposition
inline; filename="logo.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2970
last-modified
Thu, 14 Mar 2019 21:42:40 GMT
server
cloudflare
etag
"1772-5c8acad0-6402f1;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/webp
expires
Wed, 06 Oct 2021 17:54:09 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8df4e80-FRA
cf-bgj
imgq:100,h2pri
logo_red.png
newsmaker.md/wp-content/uploads/2019/01/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/01/logo_red.png
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08283477b2fc096fac0a30f63c4d9df8f825009bd06a0088ede37566e32bb8a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/01/logo_red.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept
cf-cache-status
HIT
age
42
cf-polished
origFmt=png, origSize=6054
content-disposition
inline; filename="logo_red.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2970
last-modified
Thu, 14 Mar 2019 21:40:01 GMT
server
cloudflare
etag
"17a6-5c8aca31-640307;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/webp
expires
Tue, 05 Oct 2021 07:02:02 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8e14e80-FRA
cf-bgj
imgq:100,h2pri
screen-shot-2021-09-24-at-16.55.33-220x180.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/screen-shot-2021-09-24-at-16.55.33-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef0a4f12ba46c0782cb529d507bf4080592de794057b42d4ddf588edb24dc16
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/screen-shot-2021-09-24-at-16.55.33-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
385654
cf-polished
origSize=7549, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7344
last-modified
Fri, 24 Sep 2021 15:40:07 GMT
server
cloudflare
etag
"1d7d-614df157-3a0833;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Sat, 02 Oct 2021 08:01:14 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8e24e80-FRA
cf-bgj
imgq:100,h2pri
60567-220x180.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/60567-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a445be541815561430b812d9d8d9f55bf92b0d86e9441f947dd939be87caf33d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/60567-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
127
cf-polished
origSize=15545, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15359
last-modified
Wed, 29 Sep 2021 19:06:22 GMT
server
cloudflare
etag
"3cb9-6154b92e-3a1d70;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 19:06:41 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8e34e80-FRA
cf-bgj
imgq:100,h2pri
robu-220x180.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/robu-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf691d5101bf5c7ed6f8238444394838342646e8f1eac32a0fc803656249d81
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/robu-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
3076
cf-polished
origSize=14143, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13955
last-modified
Wed, 29 Sep 2021 18:16:56 GMT
server
cloudflare
etag
"373f-6154ad98-3a1d4b;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 18:17:32 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8e44e80-FRA
cf-bgj
imgq:100,h2pri
v-rumynii-prodolzhaet-rasti-chislo-novyh-sluchaev-koronavirusa-i-letalnyh-ishodov_5f2c8ba265805-220x180.jpeg
newsmaker.md/wp-content/uploads/2020/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2020/12/v-rumynii-prodolzhaet-rasti-chislo-novyh-sluchaev-koronavirusa-i-letalnyh-ishodov_5f2c8ba265805-220x180.jpeg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32de73ff3914de16f897ea692b5d2f6339029eab158b0d54bbd9520ce95141bc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2020/12/v-rumynii-prodolzhaet-rasti-chislo-novyh-sluchaev-koronavirusa-i-letalnyh-ishodov_5f2c8ba265805-220x180.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
5104
cf-polished
origSize=6084, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6063
last-modified
Thu, 24 Dec 2020 13:26:32 GMT
server
cloudflare
etag
"17c4-5fe49708-208dc2;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 17:43:44 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8e54e80-FRA
cf-bgj
imgq:100,h2pri
243260720_244741594331415_813855344719899036_n-220x180.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/243260720_244741594331415_813855344719899036_n-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e5cf32f949f9982b17aacfac50b9bd1f6f912da184f39afff08ce2f0aa50b3c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/243260720_244741594331415_813855344719899036_n-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
5722
cf-polished
origSize=12335, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12206
last-modified
Wed, 29 Sep 2021 16:51:52 GMT
server
cloudflare
etag
"302f-615499a8-3a1d31;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 17:33:26 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8e64e80-FRA
cf-bgj
imgq:100,h2pri
8aa29a05-067f-48a7-b57c-f48306679ec5-220x180.jpg
newsmaker.md/wp-content/uploads/2020/11/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2020/11/8aa29a05-067f-48a7-b57c-f48306679ec5-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c8692b22029609a476063d35705db79399ddfc9d549a78caf4936f731275cf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2020/11/8aa29a05-067f-48a7-b57c-f48306679ec5-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
7509
cf-polished
origSize=6924, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6874
last-modified
Fri, 20 Nov 2020 12:37:10 GMT
server
cloudflare
etag
"1b0c-5fb7b876-5f5662;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 17:03:39 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8e94e80-FRA
cf-bgj
imgq:100,h2pri
image-12-220x180.jpg
newsmaker.md/wp-content/uploads/2021/07/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/07/image-12-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f9365a073ca5da61ce70d32e20634a36b3b084f2e77c347ff4262833c14ae01
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/07/image-12-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
10915
cf-polished
origSize=13015, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12911
last-modified
Thu, 08 Jul 2021 13:06:59 GMT
server
cloudflare
etag
"32d7-60e6f873-2a5022;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 16:06:53 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8ea4e80-FRA
cf-bgj
imgq:100,h2pri
243218069_404621854365943_8004597719608511378_n-220x180.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/243218069_404621854365943_8004597719608511378_n-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9edb924c9cfcf6b108f393481e54ad29debe9a17d7e631b4d75791d7fb10041
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/243218069_404621854365943_8004597719608511378_n-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
11382
cf-polished
origSize=13077, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12983
last-modified
Wed, 29 Sep 2021 15:58:24 GMT
server
cloudflare
etag
"3315-61548d20-3a1ce9;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 15:59:06 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8ec4e80-FRA
cf-bgj
imgq:100,h2pri
162194588_798222037448340_997475523406560777_o-220x180.jpeg
newsmaker.md/wp-content/uploads/2021/03/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/03/162194588_798222037448340_997475523406560777_o-220x180.jpeg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8301c5a0218c588e832b71c13136a914d2666332b54dcf4fdb5a1e5020f58d4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/03/162194588_798222037448340_997475523406560777_o-220x180.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4951
cf-polished
origSize=8269, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8214
last-modified
Fri, 19 Mar 2021 12:24:25 GMT
server
cloudflare
etag
"204d-605497f9-5b7408;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Mon, 27 Sep 2021 15:57:56 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8ed4e80-FRA
cf-bgj
imgq:100,h2pri
243360774_226883052815720_1651944771575421773_n-220x180.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/243360774_226883052815720_1651944771575421773_n-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d71e126d67b94a253f443971cc3fa2559aee69d582b6bd613d4c2cc72ddfa2a7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/243360774_226883052815720_1651944771575421773_n-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
14774
cf-polished
origSize=9912, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9740
last-modified
Wed, 29 Sep 2021 15:01:43 GMT
server
cloudflare
etag
"26b8-61547fd7-3a1ccf;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 15:02:34 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8ee4e80-FRA
cf-bgj
imgq:100,h2pri
36165046210_5623fc9699_k-220x180.jpg
newsmaker.md/wp-content/uploads/2019/07/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/07/36165046210_5623fc9699_k-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18de01f5df9179b52a4f42b2e015ea032510842751070562925d26d161e94519
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/07/36165046210_5623fc9699_k-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
213615
cf-polished
origSize=13165, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12208
last-modified
Mon, 08 Jul 2019 21:38:57 GMT
server
cloudflare
etag
"336d-5d23b7f1-7c6546;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Mon, 04 Oct 2021 07:48:33 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8ef4e80-FRA
cf-bgj
imgq:100,h2pri
shkol-uchitel-220x180.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/shkol-uchitel-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a97513479f1eab56cb356017ffc35af29892f8b2db80925003141c6a50a844
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/shkol-uchitel-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
383782
cf-polished
origSize=10200, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10041
last-modified
Sat, 25 Sep 2021 08:02:46 GMT
server
cloudflare
etag
"27d8-614ed7a6-3a08a9;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Sat, 02 Oct 2021 08:32:26 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8f24e80-FRA
cf-bgj
imgq:100,h2pri
dsc_6554-220x180.jpg
newsmaker.md/wp-content/uploads/2021/07/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/07/dsc_6554-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e67b3dce18db5684be0405d8736fcdcaa2d0b062b854aeaedf0233c86fe8dee8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/07/dsc_6554-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
17352
cf-polished
origSize=7222, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6995
last-modified
Mon, 26 Jul 2021 12:42:42 GMT
server
cloudflare
etag
"1c36-60feadc2-2a9e83;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 14:19:36 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8f34e80-FRA
cf-bgj
imgq:100,h2pri
81831f6d7242b2b30dd57e6b8c7065b3-220x180.jpg
newsmaker.md/wp-content/uploads/2019/03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/03/81831f6d7242b2b30dd57e6b8c7065b3-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1d8e9247c2818275915fbdec4d02fd2a7682accfb67058d70d947ae042d034f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/03/81831f6d7242b2b30dd57e6b8c7065b3-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
17545
cf-polished
origSize=9356, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8853
last-modified
Fri, 01 Mar 2019 17:48:53 GMT
server
cloudflare
etag
"248c-5c797085-723d6f;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 14:16:23 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8f44e80-FRA
cf-bgj
imgq:100,h2pri
178359140_127391379429415_1424514383359027368_n-220x180.jpg
newsmaker.md/wp-content/uploads/2021/04/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/04/178359140_127391379429415_1424514383359027368_n-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f85893c90a71e6664b66b929f50fe2857b5f46bc98c4f3f26947c4a5d67782b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/04/178359140_127391379429415_1424514383359027368_n-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
18065
cf-polished
origSize=11255, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11142
last-modified
Wed, 28 Apr 2021 10:31:42 GMT
server
cloudflare
etag
"2bf7-6089398e-348152;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 14:07:43 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8f64e80-FRA
cf-bgj
imgq:100,h2pri
wbfia_01-220x180.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/wbfia_01-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87cfef27c8193e811b5f9f7c2c60973a548c5fc6fb5b11cb0c710cfb59845c36
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/wbfia_01-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
19385
cf-polished
origSize=15770, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15665
last-modified
Wed, 29 Sep 2021 13:41:06 GMT
server
cloudflare
etag
"3d9a-61546cf2-3a1b48;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 13:45:43 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8f84e80-FRA
cf-bgj
imgq:100,h2pri
29-07-2021-parlament-119-220x180.jpg
newsmaker.md/wp-content/uploads/2021/07/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/07/29-07-2021-parlament-119-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f26bc0ea8f34823161258246b548f4c435d41b4d101d57d746488c7bf2da1a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/07/29-07-2021-parlament-119-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
22454
cf-polished
origSize=10285, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10144
last-modified
Thu, 29 Jul 2021 15:32:44 GMT
server
cloudflare
etag
"282d-6102ca1c-2ab3d4;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 12:54:34 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8f94e80-FRA
cf-bgj
imgq:100,h2pri
5874df8033da441d94d60341cf02b279-1601123463kc68tdw_0-220x180.jpeg
newsmaker.md/wp-content/uploads/2021/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/5874df8033da441d94d60341cf02b279-1601123463kc68tdw_0-220x180.jpeg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03e45084e11351caad4c84a12f7b9a4cf9401490e4f9290723278419c98b16ae
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/5874df8033da441d94d60341cf02b279-1601123463kc68tdw_0-220x180.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
20589
cf-polished
origSize=7893, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7751
last-modified
Wed, 29 Sep 2021 13:24:54 GMT
server
cloudflare
etag
"1ed5-61546926-3a1b1a;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 13:25:39 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8fa4e80-FRA
cf-bgj
imgq:100,h2pri
cideo-220x180.jpeg
newsmaker.md/wp-content/uploads/2021/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/cideo-220x180.jpeg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ec09a1d86f3ccbf093f92ba1e4c5086c993006ab923e994a5130be31c844b51
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/cideo-220x180.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
22270
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8271
last-modified
Wed, 29 Sep 2021 12:55:05 GMT
server
cloudflare
etag
"204f-61546229-3a1ada;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 12:57:38 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8fb4e80-FRA
cf-bgj
imgq:100,h2pri
756085603700202-220x180.jpg
newsmaker.md/wp-content/uploads/2021/03/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/03/756085603700202-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
133bd0162f7161c9cf8847b3906ef4d0edce4c4f002e51f1eb07d813a2da5cd2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/03/756085603700202-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
5709
cf-polished
origSize=8669, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8628
last-modified
Mon, 29 Mar 2021 19:29:50 GMT
server
cloudflare
etag
"21dd-60622aae-5b9e5a;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Mon, 27 Sep 2021 16:47:34 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f8fe4e80-FRA
cf-bgj
imgq:100,h2pri
turtsiya-sinovak-220x180.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/turtsiya-sinovak-220x180.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a886a792c3d5d478a94eba9d236b961bf9bd80bfda0f12003474fedb36da999
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/turtsiya-sinovak-220x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
25069
cf-polished
origSize=13278, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13141
last-modified
Wed, 29 Sep 2021 12:03:34 GMT
server
cloudflare
etag
"33de-61545616-3a1ab9;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 12:10:59 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f9004e80-FRA
cf-bgj
imgq:100,h2pri
wbfia_01-300x210.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/wbfia_01-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3af629f3959f4515753a25278c1e415192c979d7fb4f4797063347ef8a5b1f3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/wbfia_01-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
19395
cf-polished
origSize=23928, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23823
last-modified
Wed, 29 Sep 2021 13:41:06 GMT
server
cloudflare
etag
"5d78-61546cf2-3a1b47;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 13:45:33 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f9044e80-FRA
cf-bgj
imgq:100,h2pri
mold-teatre-300x210.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/mold-teatre-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
385374c498aaa15b5f4829c12f01b3c578c0ea0e6a0b4e87b6f45377244c3f66
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/mold-teatre-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
34802
cf-polished
origSize=13047, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12706
last-modified
Wed, 29 Sep 2021 09:28:06 GMT
server
cloudflare
etag
"32f7-615431a6-3a1742;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 09:28:46 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f9074e80-FRA
cf-bgj
imgq:100,h2pri
aspirator-ro-300x210.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/aspirator-ro-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c571263af4f3735f098e217c51b3c79e68ff498c060ba9861fa78343232223d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/aspirator-ro-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
36165
cf-polished
origSize=11502, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11193
last-modified
Wed, 29 Sep 2021 09:05:09 GMT
server
cloudflare
etag
"2cee-61542c45-390a28;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 09:06:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f9094e80-FRA
cf-bgj
imgq:100,h2pri
microinvest-300x210.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/microinvest-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72acb87df5359ea679dce85c62eacb5b8d921a313dcc6d07ac1b27a3850eeac9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/microinvest-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
37142
cf-polished
origSize=15367, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15026
last-modified
Wed, 29 Sep 2021 08:48:54 GMT
server
cloudflare
etag
"3c07-61542876-3909fa;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 08:49:46 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f90b4e80-FRA
cf-bgj
imgq:100,h2pri
neasmaker-ru-300x210.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/neasmaker-ru-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07f3f71211a0345876afb97d4f588e7cf98383c3a90498ab06b89059e53fcbbc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/neasmaker-ru-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
105761
cf-polished
origSize=18276, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18059
last-modified
Tue, 28 Sep 2021 13:44:33 GMT
server
cloudflare
etag
"4764-61531c41-3a143b;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 13:46:07 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f90e4e80-FRA
cf-bgj
imgq:100,h2pri
lg-ru-300x210.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/lg-ru-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87d5e2d9e113d507eee4659247cf5874e8363898e7c94d1b274343e416d7e525
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/lg-ru-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
215
cf-polished
origSize=18754, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18556
last-modified
Mon, 27 Sep 2021 09:30:58 GMT
server
cloudflare
etag
"4942-61518f52-3a0cda;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f9104e80-FRA
cf-bgj
imgq:100,h2pri
gedeon_baner-aniversar2-300x210.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/gedeon_baner-aniversar2-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e5f66338ea823c390685123825fb65f855c4df9ad21a79ffca3a94391db3de7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/gedeon_baner-aniversar2-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
7195
cf-polished
origSize=15342, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15093
last-modified
Mon, 27 Sep 2021 06:26:54 GMT
server
cloudflare
etag
"3bee-6151642e-3a0b3b;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f9144e80-FRA
cf-bgj
imgq:100,h2pri
orange-ru-2-300x210.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/orange-ru-2-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab37f6ab6141256473d08a50f00c490345b6f9532e54de6c6f4ae0c0026df232
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/orange-ru-2-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
17
cf-polished
origSize=19618, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19432
last-modified
Mon, 27 Sep 2021 06:36:52 GMT
server
cloudflare
etag
"4ca2-61516684-3a0b52;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f9164e80-FRA
cf-bgj
imgq:100,h2pri
harta-300x210.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/harta-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f4aee7cc32effbb1f40c6ce817038c6c417f991f99876754191df46a4810336
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/harta-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
42
cf-polished
origSize=13173, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12858
last-modified
Thu, 23 Sep 2021 10:44:08 GMT
server
cloudflare
etag
"3375-614c5a78-3a01ab;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f9184e80-FRA
cf-bgj
imgq:100,h2pri
mold-bank-300x210.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/mold-bank-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c96c25b62d1df94b967e6e52075803435224a1b39db4ba790c1b5390c4d6a73
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/mold-bank-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
44
cf-polished
origSize=14727, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14557
last-modified
Wed, 22 Sep 2021 08:51:00 GMT
server
cloudflare
etag
"3987-614aee74-39fad7;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f91b4e80-FRA
cf-bgj
imgq:100,h2pri
screenshot-2021-07-14-at-16.13.26-300x210.jpg
newsmaker.md/wp-content/uploads/2021/07/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/07/screenshot-2021-07-14-at-16.13.26-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
730ed50ea18f25ef9d9f37fec78657845f7d8141d2d091162f1558871696725c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/07/screenshot-2021-07-14-at-16.13.26-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4463
cf-polished
origSize=15107, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14827
last-modified
Wed, 14 Jul 2021 13:13:45 GMT
server
cloudflare
etag
"3b03-60eee309-2a6d48;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f91f4e80-FRA
cf-bgj
imgq:100,h2pri
obozhka-100x70.jpg
newsmaker.md/wp-content/uploads/2021/07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/07/obozhka-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a335e9660ee4733252885c06a4877893344969128f70eb9a798f3aaf89ba04d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/07/obozhka-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4433
cf-polished
origSize=3717, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3586
last-modified
Thu, 29 Jul 2021 15:13:31 GMT
server
cloudflare
etag
"e85-6102c59b-2aaa73;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f9214e80-FRA
cf-bgj
imgq:100,h2pri
nmnm-100x70.jpeg
newsmaker.md/wp-content/uploads/2021/07/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/07/nmnm-100x70.jpeg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eeebb74978a3b08315b9759fe15a088f039de1340d497602d1d0290ce169b0f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/07/nmnm-100x70.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4463
cf-polished
origSize=2542, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2541
last-modified
Fri, 02 Jul 2021 16:25:28 GMT
server
cloudflare
etag
"9ee-60df3df8-2a2597;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f9224e80-FRA
cf-bgj
imgq:100,h2pri
ataki-100x70.jpg
newsmaker.md/wp-content/uploads/2021/07/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/07/ataki-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70696faf192b7eb953f66c01f7722184064cc80a25c027da0630e1b95be6c794
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/07/ataki-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4463
cf-polished
origSize=4587, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4504
last-modified
Fri, 02 Jul 2021 09:31:55 GMT
server
cloudflare
etag
"11eb-60dedd0b-2a2405;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f9244e80-FRA
cf-bgj
imgq:100,h2pri
oblozhka_video-100x70.jpg
newsmaker.md/wp-content/uploads/2021/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/06/oblozhka_video-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a68fb9f68f928386ec28682e9653e28c1a30451bd69748f5cbc7c66c7e5523a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/06/oblozhka_video-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
6030
cf-polished
origSize=4143, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4016
last-modified
Thu, 24 Jun 2021 17:12:41 GMT
server
cloudflare
etag
"102f-60d4bd09-31bc70;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f9264e80-FRA
cf-bgj
imgq:100,h2pri
image-1-1-100x70.jpg
newsmaker.md/wp-content/uploads/2021/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/06/image-1-1-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3d565ec1d225a25ab433242907f027678b329a4cf27cf6ead76b2230dd6c64d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/06/image-1-1-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
5455
cf-polished
origSize=3849, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3803
last-modified
Wed, 23 Jun 2021 14:36:56 GMT
server
cloudflare
etag
"f09-60d34708-31b79d;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f9284e80-FRA
cf-bgj
imgq:100,h2pri
oblozhka-100x70.jpg
newsmaker.md/wp-content/uploads/2021/06/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/06/oblozhka-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c889ed24af8087227a1f223af262c0369678c8be251be13b2eec0fcf65504056
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/06/oblozhka-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
6030
cf-polished
origSize=3351, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3195
last-modified
Fri, 11 Jun 2021 18:00:25 GMT
server
cloudflare
etag
"d17-60c3a4b9-3183d2;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f92a4e80-FRA
cf-bgj
imgq:100,h2pri
brut.00_18_08_34.still008ok-100x70.jpg
newsmaker.md/wp-content/uploads/2021/06/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/06/brut.00_18_08_34.still008ok-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce25e2faf858a705d9b941d0e865cf5f11c1f33a90be48d388a60b6662b61eb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/06/brut.00_18_08_34.still008ok-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4463
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1755
last-modified
Thu, 10 Jun 2021 08:13:02 GMT
server
cloudflare
etag
"6db-60c1c98e-317ad1;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678094f92d4e80-FRA
cf-bgj
imgq:100,h2pri
image-7-100x70.jpg
newsmaker.md/wp-content/uploads/2021/06/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/06/image-7-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a75c6f1265246ba14c0d683d7c45cfbc98c75d9a48b48dfa06a904c68cf9950
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/06/image-7-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
5455
cf-polished
origSize=3603, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3570
last-modified
Mon, 07 Jun 2021 17:37:57 GMT
server
cloudflare
etag
"e13-60be5975-31712e;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6967809519334e80-FRA
cf-bgj
imgq:100,h2pri
img_4642-100x70.jpg
newsmaker.md/wp-content/uploads/2021/06/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/06/img_4642-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ff3a810a8af46e7418a845a07c79ce8af24c75f89f158d8d908a20b9b0afe75
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/06/img_4642-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4463
cf-polished
origSize=2526, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2373
last-modified
Tue, 01 Jun 2021 09:22:47 GMT
server
cloudflare
etag
"9de-60b5fc67-313c84;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6967809519364e80-FRA
cf-bgj
imgq:100,h2pri
31-05-2021.00_02_08_29.still004-ok-100x70.jpg
newsmaker.md/wp-content/uploads/2021/05/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/05/31-05-2021.00_02_08_29.still004-ok-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac2c2cf55b456cdc541aeddfc06f3c6e532b16a2bce03e744c2a39355de2a93f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/05/31-05-2021.00_02_08_29.still004-ok-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
6023
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2676
last-modified
Mon, 31 May 2021 16:47:54 GMT
server
cloudflare
etag
"a74-60b5133a-5a9b66;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6967809519384e80-FRA
cf-bgj
imgq:100,h2pri
1970-01-20-120154766-300x210.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/1970-01-20-120154766-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ba02d403597038e3e51f0407977b0ff37e605fc54c5107f3a49d98cd9c6220
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/1970-01-20-120154766-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4951
cf-polished
origSize=8983, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8867
last-modified
Mon, 06 Sep 2021 07:54:45 GMT
server
cloudflare
etag
"2317-6135c945-39bb85;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6967809519394e80-FRA
cf-bgj
imgq:100,h2pri
image-4-4-300x210.jpg
newsmaker.md/wp-content/uploads/2021/04/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/04/image-4-4-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ffaa742495644d25430df1b410148681ac16cc81e185ca816c16fd0b1a5ab86
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/04/image-4-4-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
6030
cf-polished
origSize=19635, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19431
last-modified
Sun, 25 Apr 2021 12:15:19 GMT
server
cloudflare
etag
"4cb3-60855d57-3471da;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678095193b4e80-FRA
cf-bgj
imgq:100,h2pri
dsc5611-1024x681-1-300x210.jpg
newsmaker.md/wp-content/uploads/2020/06/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2020/06/dsc5611-1024x681-1-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de6bc5ecf8ba71e402cd102d033dab7b7fccb7aa0514e159d6cd865e94df98f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2020/06/dsc5611-1024x681-1-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4433
cf-polished
origSize=20232, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8367
last-modified
Fri, 05 Jun 2020 17:27:44 GMT
server
cloudflare
etag
"4f08-5eda8090-5e1d63;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678095193e4e80-FRA
cf-bgj
imgq:100,h2pri
untitled-design-8-300x210.jpg
newsmaker.md/wp-content/uploads/2021/07/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/07/untitled-design-8-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97f9ad0bb256dca87692c7774df9bdd695714db70cc6de3c6c123ff29d52f938
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/07/untitled-design-8-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4433
cf-polished
origSize=26440, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26195
last-modified
Fri, 09 Jul 2021 15:17:31 GMT
server
cloudflare
etag
"6748-60e8688b-2a56cc;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6967809519404e80-FRA
cf-bgj
imgq:100,h2pri
untitled-design-7-300x210.jpg
newsmaker.md/wp-content/uploads/2021/07/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/07/untitled-design-7-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5aed98e359c0384ebb204f67c572e7d5cb1c254548b8931a2b7c71d5a8ae980
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/07/untitled-design-7-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4433
cf-polished
origSize=18888, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18662
last-modified
Sun, 04 Jul 2021 16:34:39 GMT
server
cloudflare
etag
"49c8-60e1e31f-2a29de;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6967809519424e80-FRA
cf-bgj
imgq:100,h2pri
image-from-ios-42-300x210.jpg
newsmaker.md/wp-content/uploads/2021/06/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/06/image-from-ios-42-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2d4c2e53dc21902784cd7310754876625ef18091d4b496941a6d75bd63dba97
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/06/image-from-ios-42-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
6030
cf-polished
origSize=14886, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14732
last-modified
Fri, 25 Jun 2021 15:19:11 GMT
server
cloudflare
etag
"3a26-60d5f3ef-31c186;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6967809519434e80-FRA
cf-bgj
imgq:100,h2pri
PODKAST-1-300x210.jpg
newsmaker.md/wp-content/uploads/2021/06/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/06/PODKAST-1-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5d878a8fc2edf1844ac643fbb326f42605fe6dc6d720c7191fd9148cb7b8576
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/06/PODKAST-1-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4433
cf-polished
origSize=21030, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20555
last-modified
Thu, 24 Jun 2021 12:54:10 GMT
server
cloudflare
etag
"5226-60d48072-31bb61;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6967809519464e80-FRA
cf-bgj
imgq:100,h2pri
untitled-design-4-300x210.jpg
newsmaker.md/wp-content/uploads/2021/06/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/06/untitled-design-4-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4130e148ccfabe70fa0627fbc1f1c5fa61886ab250178e08eac3a3a2f50274
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/06/untitled-design-4-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
6030
cf-polished
origSize=23003, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22730
last-modified
Sat, 19 Jun 2021 03:20:39 GMT
server
cloudflare
etag
"59db-60cd6287-31a5d3;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6967809519494e80-FRA
cf-bgj
imgq:100,h2pri
untitled-design-3-300x210.png
newsmaker.md/wp-content/uploads/2021/05/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/05/untitled-design-3-300x210.png
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e10b69677748f824b68b6b430bef9030fcf17f8d7a5b3799cf56dac057cdc8fe
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/05/untitled-design-3-300x210.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept
cf-cache-status
HIT
age
2213
cf-polished
origFmt=png, origSize=75074
content-disposition
inline; filename="untitled-design-3-300x210.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
55246
last-modified
Mon, 24 May 2021 18:24:44 GMT
server
cloudflare
etag
"12542-60abef6c-5a7599;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/webp
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678095194c4e80-FRA
cf-bgj
imgq:100,h2pri
justiceinside-10-300x210.jpg
newsmaker.md/wp-content/uploads/2021/04/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/04/justiceinside-10-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38daae304661fccac455e225f2631b9fb8f27cbbabae43694b0bcd303a747a0a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/04/justiceinside-10-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
6030
cf-polished
origSize=10396, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10051
last-modified
Mon, 19 Apr 2021 12:16:52 GMT
server
cloudflare
etag
"289c-607d74b4-3454f0;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678095194d4e80-FRA
cf-bgj
imgq:100,h2pri
logo-e1566188311559.png
newsmaker.md/wp-content/uploads/2019/01/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/01/logo-e1566188311559.png
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73391a541351062884321aa2cb7cb5fd9389be9122ca17d8ef9023458531e635
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/01/logo-e1566188311559.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept
cf-cache-status
HIT
age
7159
cf-polished
origFmt=png, origSize=2961
content-disposition
inline; filename="logo-e1566188311559.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1598
last-modified
Mon, 19 Aug 2019 04:18:31 GMT
server
cloudflare
etag
"b91-5d5a2317-6402f0;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/webp
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678095194e4e80-FRA
cf-bgj
imgq:100,h2pri
logo_red-1.png
newsmaker.md/wp-content/uploads/2019/01/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/01/logo_red-1.png
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08283477b2fc096fac0a30f63c4d9df8f825009bd06a0088ede37566e32bb8a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/01/logo_red-1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept
cf-cache-status
HIT
age
7196
cf-polished
origFmt=png, origSize=6054
content-disposition
inline; filename="logo_red-1.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2970
last-modified
Thu, 15 Aug 2019 12:53:49 GMT
server
cloudflare
etag
"17a6-5d5555dd-6402fc;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/webp
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678095194f4e80-FRA
cf-bgj
imgq:100,h2pri
newsmakermd.js
dsail-tech.com/assets/hb/ 		537 KB
539 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsail-tech.com/assets/hb/newsmakermd.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.7.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f9c4efb1f6051ce820c63909ad3c3756b879661b0cdda0ff13a901f489acd69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Sep 2021 18:06:29 GMT
server
cloudflare
age
3739
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvgTXbP%2Fkftq5OY%2Bd%2FHyL2Ln9eCf1mXEXWex5TZWDYGrr8fnYAOdbXcbITvMz2B%2Ff2Uj8WIcTra5h2qV0%2FTQhIyE70y1X9xjhi6coNPepFDZpVXSk%2Brdky15nnLTWJSkxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
696780953c064ec1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
550224
bootstrap-min.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/bootstrap-min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/plugins/bootstrap-min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
age
48
etag
W/"90b5-5e212590-6400ad;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8804e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
hoverIntent.min.js
newsmaker.md/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-includes/js/hoverIntent.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-includes/js/hoverIntent.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Jul 2021 23:23:41 GMT
server
cloudflare
age
46
etag
W/"5c8-6101e6fd-5d0704;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8b24e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
jquery.scrollbar.min.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/jquery.scrollbar.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aa68371f310d31bd036986bb97b2ca278339eeb86972c0c191f36f434eafd99
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/plugins/jquery.scrollbar.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
age
45
etag
W/"32e2-5e212590-6400b3;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8b84e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
slick.min.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/slick.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/plugins/slick.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
age
48
etag
W/"a3e1-5e212590-6400b6;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8bb4e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
flexmenu.min.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/flexmenu.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d48e20099d2c405168b8004e5e898d7f00abfff3b0e75bfeffc40b7e8965754
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/plugins/flexmenu.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
age
46
etag
W/"9eb-5e212590-6400ae;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8c44e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
jquery-inview-min.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/jquery-inview-min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3535bf9c68a69732cec8f625abb8a79db09a0466d0793f491a9193710aff92
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/plugins/jquery-inview-min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
age
45
etag
W/"59d-5e212590-6400b0;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8c54e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
masonry.pkgd.min.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/ 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/masonry.pkgd.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baedf35b211afa81948c93a9258dcf732723bd28decf1fb1e4737bbd2e788bd9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/plugins/masonry.pkgd.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
age
48
etag
W/"10645-5e212590-6400b5;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8c74e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
theia-sticky-sidebar.min.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/theia-sticky-sidebar.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3e94e24bc377861a8fe908b0266226d32936cc4453cb6ec91cef695bab91e1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/plugins/theia-sticky-sidebar.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
age
46
etag
W/"141a-5e212590-6400b7;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8c84e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
jquery.magnific-popup.min.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/jquery.magnific-popup.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/plugins/jquery.magnific-popup.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
age
45
etag
W/"4ef8-5e212590-6400b2;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8cb4e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
jarallax.min.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/jarallax.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d58569491e7c9ca5ca407a23cf9859dab636464929424986d8797a2d8d83db
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/plugins/jarallax.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
age
45
etag
W/"247a-5e212590-6400af;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8cc4e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
jquery.justifiedGallery.min.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/jquery.justifiedGallery.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9877e27090bf534cb7495116e8a873c50b673a9c9f2af5d8af324bc6c50ff8bd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/plugins/jquery.justifiedGallery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
age
45
etag
W/"46eb-5e212590-6400b1;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8cf4e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
jquery.zoom.min.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/jquery.zoom.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa401c580d2494a0ac8632c810414e579d4b9ed6a211d6e5768b496c8f7d061d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/plugins/jquery.zoom.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
age
46
etag
W/"a2f-5e212590-6400b4;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8d24e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:01 GMT
evo-custom.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/evo-custom.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83d9c789544a4a7ce29fd3eba0f3356de13bfeed42f69f6d22a8389f461e3db6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/evo-custom.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
45
cf-polished
origSize=17630
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
etag
W/"44de-5e212590-6400ab;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/x-javascript
expires
Tue, 05 Oct 2021 07:02:01 GMT
cache-control
public, max-age=604800
cf-ray
69678094f8d34e80-FRA
cf-bgj
minify
ajax-app.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/ajax-app.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
607ab6ba3ebaa30de9dd6c4939ce5a267633e7bb1fcf1b48c5386f4bccb451a8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/ajax-app.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
45
cf-polished
origSize=4550
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
etag
W/"11c6-5e212590-6400aa;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/x-javascript
expires
Tue, 05 Oct 2021 07:02:01 GMT
cache-control
public, max-age=604800
cf-ray
69678094f8d44e80-FRA
cf-bgj
minify
user-box.js
newsmaker.md/wp-content/themes/evonews/includes/assets/js/ 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/user-box.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915a3c8a4d5846f464502b92d74e2b7b58def2b0cd56b7f28c7a28a96bece2f5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/js/user-box.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
45
cf-polished
origSize=2216
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Jan 2020 03:10:08 GMT
server
cloudflare
etag
W/"8a8-5e212590-6400ac;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/x-javascript
expires
Tue, 05 Oct 2021 07:02:02 GMT
cache-control
public, max-age=604800
cf-ray
69678094f8d64e80-FRA
cf-bgj
minify
comment-reply.min.js
newsmaker.md/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-includes/js/comment-reply.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-includes/js/comment-reply.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Apr 2021 06:24:03 GMT
server
cloudflare
age
45
etag
W/"ba8-607d2203-5d06f0;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8d74e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:02 GMT
wp-embed.min.js
newsmaker.md/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-includes/js/wp-embed.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-includes/js/wp-embed.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Feb 2021 14:25:02 GMT
server
cloudflare
age
45
etag
W/"592-601c03be-5d0730;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8da4e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:02 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1239
etag
W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
696780953bbc4e3e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 02 Oct 2021 19:08:48 GMT
js_composer_front.min.js
newsmaker.md/wp-content/plugins/js_composer/assets/js/dist/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Aug 2020 00:50:49 GMT
server
cloudflare
age
4576
etag
W/"5079-5f333ce9-5c009b;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=0
cf-ray
69678094f8de4e80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 07:02:02 GMT
forms.js
newsmaker.md/wp-content/plugins/mailchimp-for-wp/assets/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcbe862273a5d7cb61ffaa1eda7e0a1ecb466ca5e08a592fae3e6d1824960293
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
cf-cache-status
HIT
age
46
strict-transport-security
max-age=0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 26 Jun 2021 20:12:29 GMT
server
cloudflare
etag
W/"1842-60d78a2d-3b00bd;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cf-bgj
minify
cache-control
public, max-age=604800
cf-ray
6967809519514e80-FRA
expires
Tue, 05 Oct 2021 07:02:02 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 16:39:17 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6967809528b64e08-FRA
truncated
/ 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72d9795f1b20e37c65bcfa1e18dccf2ca46717e97900197d5488da12bdf2cc1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
8003486abe9044154c794ff0c8a340f2f33c2a5f78ca07d456f1be135a4429e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
DdVQvDgtMdWwOoqnpljULQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
OBcCZrpBccAudkMRIAWOiqZhm69W2Ov4QG5fx2gPKVBhmoiOgGnX2ciPqu4He5yp7mU98U3uwmMGTzNh8sw4jg==
x-fb-trip-id
917726464
x-fb-content-md5
4ca105c4888fdab18b8a99b507862e63
x-frame-options
DENY
date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"684dbfb34b135a8cb3b3d0a0f52adfd7"
timing-allow-origin
*
expires
Wed, 29 Sep 2021 19:27:09 GMT
style.css
newsmaker.md/wp-content/themes/evonews/ 		222 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/style.css
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/wp-content/themes/evonews-child/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bdb22e0cf1fe535972a7a701ff9e92d429f29cee11f2fa297303fbd899d837
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
newsmaker.md
referer
https://newsmaker.md/wp-content/themes/evonews-child/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/wp-content/themes/evonews-child/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
47
cf-polished
origSize=287154
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 12 Feb 2021 09:53:28 GMT
server
cloudflare
etag
W/"461b2-60265018-630579;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
text/css
expires
Tue, 05 Oct 2021 07:02:06 GMT
cache-control
public, max-age=604800
cf-ray
69678094cec942c9-FRA
cf-bgj
minify
gtm.js
www.googletagmanager.com/ 		147 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K7HFJTH
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
370f77f3c88cb0270a3040171221f5aedbdffb7f0c8fcbd0e42c899a8be1046d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55334
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Sep 2021 19:08:48 GMT
fontawesome-webfont.woff2
newsmaker.md/wp-content/themes/evonews/includes/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/wp-content/themes/evonews/includes/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/wp-content/themes/evonews/includes/assets/css/evo-core.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/themes/evonews/includes/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
origin
https://newsmaker.md
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
newsmaker.md
referer
https://newsmaker.md/wp-content/themes/evonews/includes/assets/css/evo-core.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://newsmaker.md/wp-content/themes/evonews/includes/assets/css/evo-core.css
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
last-modified
Tue, 08 Jan 2019 16:21:00 GMT
server
cloudflare
etag
"12d68-5c34cdec-6400a9;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6967809519534e80-FRA
expires
Mon, 27 Sep 2021 13:42:57 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,400,500,600,700,800,900&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
dc40519e22545b5835214128bd107a8304e66096bf086b37e326a3659bf3711e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 07:43:22 GMT
x-content-type-options
nosniff
age
473126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9832
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 24 Sep 2022 07:43:22 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,400,500,600,700,800,900&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 03:54:04 GMT
x-content-type-options
nosniff
age
141284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 03:54:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,500,600,700,800,900&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:27:37 GMT
x-content-type-options
nosniff
age
178871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 27 Sep 2022 17:27:37 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,400,500,600,700,800,900&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
22e730c5e58a487c838bda5b1a08e1b2a0d537371c08d4a01c56593ed8160ee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 17:44:49 GMT
x-content-type-options
nosniff
age
264239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11996
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:38 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Sep 2022 17:44:49 GMT
image-12.jpg
newsmaker.md/wp-content/uploads/2021/07/ 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/07/image-12.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55983af35433c198afe7a72f1dde73420e62582ffbdafc0d48cd5b1d57ad264
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/07/image-12.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept
cf-cache-status
HIT
age
11816
cf-polished
origFmt=jpeg, origSize=158906
content-disposition
inline; filename="image-12.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
134360
last-modified
Thu, 08 Jul 2021 13:06:59 GMT
server
cloudflare
etag
"26cba-60e6f873-2a502c;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/webp
expires
Wed, 06 Oct 2021 15:51:52 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6967809529674e80-FRA
cf-bgj
imgq:100,h2pri
162194588_798222037448340_997475523406560777_o-750x530.jpeg
newsmaker.md/wp-content/uploads/2021/03/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/03/162194588_798222037448340_997475523406560777_o-750x530.jpeg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fdc9fdbacc99629aab62ca371f8267d62329511888ebcbfb10d0e3f61c68e46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/03/162194588_798222037448340_997475523406560777_o-750x530.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4684
cf-polished
origSize=56169, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
55590
last-modified
Fri, 19 Mar 2021 12:24:25 GMT
server
cloudflare
etag
"db69-605497f9-5b7406;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Mon, 27 Sep 2021 14:31:15 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678095296a4e80-FRA
cf-bgj
imgq:100,h2pri
turtsiya-sinovak-750x527.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/turtsiya-sinovak-750x527.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bc0b74f180e7b1bc14c649d12fd52a06bd90970506874fb38222c803ecdf9e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/turtsiya-sinovak-750x527.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:48 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
25069
cf-polished
origSize=90562, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
89597
last-modified
Wed, 29 Sep 2021 12:03:34 GMT
server
cloudflare
etag
"161c2-61545616-3a1ab6;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 12:10:59 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678095296b4e80-FRA
cf-bgj
imgq:100,h2pri
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,500,600,700,800,900&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
9428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:31:40 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,500,600,700,800,900&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:39:18 GMT
x-content-type-options
nosniff
age
8970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:39:18 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,500,600,700,800,900&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:31:43 GMT
x-content-type-options
nosniff
age
9425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:31:43 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,500,600,700,800,900&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:40:33 GMT
x-content-type-options
nosniff
age
8895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:40:33 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,500,600,700,800,900&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:38:41 GMT
x-content-type-options
nosniff
age
9007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:38:41 GMT
sdk.js
connect.facebook.net/en_US/ 		269 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8d586e0f32a2f05f3db14b7a89603e75
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
5003991a5acb0f61efe7e7f67ff29ba81bd7a8e589c9a35e43c888f770dee299
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://newsmaker.md/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
B23bwDLSUUePS5+MVQmkMQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
77731
x-fb-rlafr
0
x-fb-debug
drHWipTLhwj8FmLgy3PYot7ZVjcaLmrMLpmG/DVAUwCEDxbSC82FJ/CzcO2mLuIxgFrqRUz+mdFaSzRHJpSZVA==
x-fb-content-md5
92fb159f71fdc5cb4c679e1cc7bc93dd
x-frame-options
DENY
date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"ed2149988472ca854c300f271d8069a7"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 29 Sep 2022 19:07:09 GMT
IMG_6440-1-300x210.jpg
newsmaker.md/wp-content/uploads/2019/03/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/03/IMG_6440-1-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
484ee56b24b6c3b9c4a47d911b24cabca3411995941c90759e973ed3cf1c2333
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/03/IMG_6440-1-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
207883
cf-polished
origSize=18025, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17054
last-modified
Sat, 02 Mar 2019 01:01:15 GMT
server
cloudflare
etag
"4669-5c79d5db-77e0b6;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Mon, 04 Oct 2021 09:24:06 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780968c3b4e80-FRA
cf-bgj
imgq:100,h2pri
31804881018_6b5722c9c6_h-300x210.jpg
newsmaker.md/wp-content/uploads/2019/02/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/02/31804881018_6b5722c9c6_h-300x210.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9902b02a693bfc75334ea145136acb28d4c925ba9e6ae8d5a2ff8bd7b1c8f99c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/02/31804881018_6b5722c9c6_h-300x210.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
18
cf-polished
origSize=14360, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13659
last-modified
Tue, 26 Feb 2019 13:58:25 GMT
server
cloudflare
etag
"3818-5c754601-65af06;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780968c3f4e80-FRA
cf-bgj
imgq:100,h2pri
screen-shot-2021-09-24-at-16.55.33-360x500.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/screen-shot-2021-09-24-at-16.55.33-360x500.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23cc23c857b5ffc55972e393b66ff023a96fea684f9c64a917c250761eb9af7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/screen-shot-2021-09-24-at-16.55.33-360x500.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
7038
cf-polished
origSize=24366, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23760
last-modified
Fri, 24 Sep 2021 15:40:08 GMT
server
cloudflare
etag
"5f2e-614df158-3a0836;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780968c404e80-FRA
cf-bgj
imgq:100,h2pri
obl2-360x500.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/obl2-360x500.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36e71c3e5e72a35544668d03dca46f534d3cae5768e48d5a6be33dbcbc6685f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/obl2-360x500.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
6034
cf-polished
origSize=52127, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51806
last-modified
Sat, 18 Sep 2021 08:22:36 GMT
server
cloudflare
etag
"cb9f-6145a1cc-39ebab;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780968c434e80-FRA
cf-bgj
imgq:100,h2pri
tije1-360x500.jpg
newsmaker.md/wp-content/uploads/2021/08/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/08/tije1-360x500.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37547bdbc872f318cf164026aebaf337ad2e419a17e8d13f0e186ab887b0d856
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/08/tije1-360x500.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4574
cf-polished
origSize=21127, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20676
last-modified
Fri, 20 Aug 2021 20:55:15 GMT
server
cloudflare
etag
"5287-612016b3-398473;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:04 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780968c444e80-FRA
cf-bgj
imgq:100,h2pri
under0-360x500.jpg
newsmaker.md/wp-content/uploads/2021/08/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/08/under0-360x500.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ffd825457e4ac18fd3e44f63867377f4079c4e76fc2db8e8c6c21bc0508c3a5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/08/under0-360x500.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4574
cf-polished
origSize=15814, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15482
last-modified
Sat, 14 Aug 2021 09:03:05 GMT
server
cloudflare
etag
"3dc6-611786c9-3968ca;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:05 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780968c464e80-FRA
cf-bgj
imgq:100,h2pri
tiser.00_00_46_00.still002-360x500.jpg
newsmaker.md/wp-content/uploads/2021/08/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/08/tiser.00_00_46_00.still002-360x500.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f5e435864607e2f637e31d59d8234fff394f6e22e7d5874f1df358a7cc7e580
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/08/tiser.00_00_46_00.still002-360x500.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
6034
cf-polished
origSize=19586, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18934
last-modified
Sat, 07 Aug 2021 06:47:39 GMT
server
cloudflare
etag
"4c82-610e2c8b-3941bd;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:05 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780968c484e80-FRA
cf-bgj
imgq:100,h2pri
untitled-design-10-360x500.jpg
newsmaker.md/wp-content/uploads/2021/07/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/07/untitled-design-10-360x500.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ed8dd1247ffbe1e97aa669ba92a11f79d04e9027e7aefcd48e2ec980b7a5362
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/07/untitled-design-10-360x500.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4574
cf-polished
origSize=14084, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14017
last-modified
Fri, 30 Jul 2021 15:48:18 GMT
server
cloudflare
etag
"3704-61041f42-2ab719;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:05 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780968c494e80-FRA
cf-bgj
imgq:100,h2pri
1970-01-19-105711051-copy-360x500.jpg
newsmaker.md/wp-content/uploads/2021/07/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/07/1970-01-19-105711051-copy-360x500.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a772756bf07f22e8c80273bf89b15cbe8337be29b7a9bf5e5fe02c33033e5b1f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/07/1970-01-19-105711051-copy-360x500.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
3032
cf-polished
origSize=19719, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19318
last-modified
Fri, 23 Jul 2021 20:23:00 GMT
server
cloudflare
etag
"4d07-60fb2524-2a8b70;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:05 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780968c4b4e80-FRA
cf-bgj
imgq:100,h2pri
6.10-360x500.jpg
newsmaker.md/wp-content/uploads/2021/07/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/07/6.10-360x500.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8d802a143b8feb1cd9dec9c894969bc91e1c357d517a850736294d87c9e4070
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/07/6.10-360x500.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
6034
cf-polished
origSize=19304, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18780
last-modified
Fri, 16 Jul 2021 10:39:40 GMT
server
cloudflare
etag
"4b68-60f161ec-2a73f5;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:05 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780968c4d4e80-FRA
cf-bgj
imgq:100,h2pri
242878239_6185893531485583_4421000786834442840_n-100x70.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/242878239_6185893531485583_4421000786834442840_n-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb5f65e056052c1ad07ebbafddb8a71f444366b3e2b1746d235bc60f536fe261
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/242878239_6185893531485583_4421000786834442840_n-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
199225
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2267
last-modified
Mon, 27 Sep 2021 06:14:52 GMT
server
cloudflare
etag
"8db-6151615c-3a0acd;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Mon, 04 Oct 2021 11:48:24 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678096ccc44e80-FRA
cf-bgj
imgq:100,h2pri
2dda24399f308266cc809dd7790b1ed2_181-100x70.jpg
newsmaker.md/wp-content/uploads/2019/03/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/03/2dda24399f308266cc809dd7790b1ed2_181-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
120eb97de67ef5e7c1ef01d2cd6534333499d9f3ede052a4cf670e6bd5dada65
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/03/2dda24399f308266cc809dd7790b1ed2_181-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
102481
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2402
last-modified
Fri, 01 Mar 2019 18:43:50 GMT
server
cloudflare
etag
"962-5c797d66-70642a;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 14:40:48 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678096ccc64e80-FRA
cf-bgj
imgq:100,h2pri
lapte-de-pasare-editat-100x70.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/lapte-de-pasare-editat-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f80154100a3cc63dec477ce3880ce4afa278b489841558cddb151d76fa1c0e06
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/lapte-de-pasare-editat-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
34450
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1717
last-modified
Tue, 28 Sep 2021 08:16:38 GMT
server
cloudflare
etag
"6b5-6152cf66-3a115b;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 09:34:39 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678096ccc74e80-FRA
cf-bgj
imgq:100,h2pri
gavrilitsa3-100x70.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/gavrilitsa3-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a23a8d6428c356d969d71fa29eeb74719717d851606439d3b81ace11c1b79c0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/gavrilitsa3-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
22564
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1824
last-modified
Tue, 28 Sep 2021 05:57:05 GMT
server
cloudflare
etag
"720-6152aeb1-3a1020;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Wed, 06 Oct 2021 12:52:45 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678096ccc94e80-FRA
cf-bgj
imgq:100,h2pri
Kozlovska-si-Moldova-100x70.jpg
newsmaker.md/wp-content/uploads/2019/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/02/Kozlovska-si-Moldova-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0204e97f503b45598e9ab10968a150527d27452b963ef9d8025f7d812d4d538
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/02/Kozlovska-si-Moldova-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4331
cf-polished
origSize=2850, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2825
last-modified
Tue, 26 Feb 2019 09:48:31 GMT
server
cloudflare
etag
"b22-5c750b6f-6a2f68;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678096ccca4e80-FRA
cf-bgj
imgq:100,h2pri
DSC7537-min-3-100x70.jpg
newsmaker.md/wp-content/uploads/2019/02/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/02/DSC7537-min-3-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e60f044d1f846acde2af5d68d2bde4cd30bd70c258555d52fd56e182c9fc27a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/02/DSC7537-min-3-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4331
cf-polished
origSize=3322, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3252
last-modified
Tue, 26 Feb 2019 18:53:55 GMT
server
cloudflare
etag
"cfa-5c758b43-684142;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678096cccb4e80-FRA
cf-bgj
imgq:100,h2pri
IMG_3918-copy-min-100x70.jpg
newsmaker.md/wp-content/uploads/2019/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/02/IMG_3918-copy-min-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7bbb5185cb37a5e060cd25bccb9451523d9cad0c7b0a6d17b21bcaf9077185
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/02/IMG_3918-copy-min-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
3392
cf-polished
origSize=2684, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2644
last-modified
Tue, 26 Feb 2019 15:07:35 GMT
server
cloudflare
etag
"a7c-5c755637-68f98d;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678096cccd4e80-FRA
cf-bgj
imgq:100,h2pri
%D1%8F%D1%81%D0%B8%D0%BD20%D0%BE%D0%B7%D0%B4%D0%B8%D0%BB20%D0%B820%D1%80%D0%B5%D0%B7%D0%B020%D0%B4%D0%BE%D0%B3%D0%B0%D0%BD-2-100x70.jpg
newsmaker.md/wp-content/uploads/2019/02/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/02/%D1%8F%D1%81%D0%B8%D0%BD20%D0%BE%D0%B7%D0%B4%D0%B8%D0%BB20%D0%B820%D1%80%D0%B5%D0%B7%D0%B020%D0%B4%D0%BE%D0%B3%D0%B0%D0%BD-2-100x70.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b463c983970035ff2503072818880be2abbc99e0ee272988bc286f1d2b7a15
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/02/%D1%8F%D1%81%D0%B8%D0%BD20%D0%BE%D0%B7%D0%B4%D0%B8%D0%BB20%D0%B820%D1%80%D0%B5%D0%B7%D0%B020%D0%B4%D0%BE%D0%B3%D0%B0%D0%BD-2-100x70.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
3392
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3265
last-modified
Tue, 26 Feb 2019 10:49:33 GMT
server
cloudflare
etag
"cc1-5c7519bd-6dfcd2;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:03 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
69678096cccf4e80-FRA
cf-bgj
imgq:100,h2pri
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7HFJTH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1312
date
Wed, 29 Sep 2021 18:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 29 Sep 2021 20:46:57 GMT
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7HFJTH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
gzip
etag
"XUylRaJiJNdi08iU32oNYQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 06 Oct 2021 19:08:49 GMT
hotjar-1649282.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1649282.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7HFJTH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-6.fra2.r.cloudfront.net
Software
/
Resource Hash
273b650c0f7ae7805c04c781612f5b67135e515d637988c9eba1c7a06cadc480
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
br
x-content-type-options
nosniff
x-edge-origin-shield-skipped
0
x-cache-hit
1
etag
W/63a566fa45a80508cce51a285bd337a7
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
content-length
1892
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-id
BLdvyEgSGjBakiJijFKF2phkhOZEcMBbtn2mbTIXRXO3e94JR_o-Eg==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
wrCpcUKNVyoPGzzFp7p6il4rubOFJgixd4RPh3VwJkY87KPoBSZkIJKt775YpuL373RcnABFAote2BJ3tYigWQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 29 Sep 2021 19:08:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cab7849048519aa73f83.js
yastatic.net/partner-code-bundles/44378/ 		81 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/44378/cab7849048519aa73f83.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
8802dc514a1b11afa8b0622888b2b6df46322835e474c0da0b1d545a6462957f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://newsmaker.md/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17427
last-modified
Wed, 29 Sep 2021 06:48:29 GMT
server
nginx/1.17.9
etag
"316072effcda3567c794ba59860bfa26"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2051 01:39:59 GMT
host.js
yastatic.net/safeframe-bundles/0.82/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.82/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://newsmaker.md/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8879
last-modified
Mon, 28 Jun 2021 10:29:24 GMT
server
nginx/1.17.9
etag
"e4627697ff619d2b610d2b2fee975531"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2051 01:43:11 GMT
imdb-big-little-lies-1140x570.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/imdb-big-little-lies-1140x570.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6bdfd1ef8948427a14ddcb3b927f8003c46681702c8701d94f9eba3b433c9c6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/imdb-big-little-lies-1140x570.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
6033
cf-polished
origSize=47092, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
46943
last-modified
Mon, 20 Sep 2021 09:01:24 GMT
server
cloudflare
etag
"b7f4-61484de4-39f0d4;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:05 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780974dec4e80-FRA
cf-bgj
imgq:100,h2pri
dsc_0865-1140x570.jpg
newsmaker.md/wp-content/uploads/2021/09/ 		134 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/dsc_0865-1140x570.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0d4d9f07df29e7b753e858a6aa183a7be8a47a39fd917cf0adb1b182ce65adf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/dsc_0865-1140x570.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
6033
cf-polished
origSize=138147, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
137372
last-modified
Wed, 15 Sep 2021 16:02:43 GMT
server
cloudflare
etag
"21ba3-61421923-39dae0;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:05 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780974def4e80-FRA
cf-bgj
imgq:100,h2pri
hep1-1140x570.jpeg
newsmaker.md/wp-content/uploads/2021/09/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/09/hep1-1140x570.jpeg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eac31b61afaafb26c0f6c7b7a8f1e68f6dd2c00997312521e2225725bf598f70
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/09/hep1-1140x570.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4833
cf-polished
origSize=46970, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
46414
last-modified
Mon, 13 Sep 2021 13:44:39 GMT
server
cloudflare
etag
"b77a-613f55c7-39cfde;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:05 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780975df24e80-FRA
cf-bgj
imgq:100,h2pri
P_20170827_095544-1-1140x570.jpg
newsmaker.md/wp-content/uploads/2019/02/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2019/02/P_20170827_095544-1-1140x570.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e88483d67bb552c6a1e0e761784ef7b325e89d72af8c48acff0e8836ab3e93c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2019/02/P_20170827_095544-1-1140x570.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4573
cf-polished
origSize=106721, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
104110
last-modified
Mon, 25 Feb 2019 19:23:08 GMT
server
cloudflare
etag
"1a0e1-5c74409c-6a485b;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:05 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780975df84e80-FRA
cf-bgj
imgq:100,h2pri
supermom-1140x570.jpg
newsmaker.md/wp-content/uploads/2021/08/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2021/08/supermom-1140x570.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
957a44bc43a0bc149cf0b3d39d33b8f0fa1d48a256a21a6447badd1af2be661c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2021/08/supermom-1140x570.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4573
cf-polished
origSize=106679, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
105976
last-modified
Thu, 26 Aug 2021 21:35:25 GMT
server
cloudflare
etag
"1a0b7-6128091d-3998fd;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:05 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780975dfe4e80-FRA
cf-bgj
imgq:100,h2pri
2-3-1140x570.jpg
newsmaker.md/wp-content/uploads/2020/09/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/wp-content/uploads/2020/09/2-3-1140x570.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad9cc391dc94fe8f5267a60a339485152256f028182e30312e9823990c99a20
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/wp-content/uploads/2020/09/2-3-1140x570.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
5461
cf-polished
origSize=71895, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68175
last-modified
Mon, 14 Sep 2020 01:07:36 GMT
server
cloudflare
etag
"118d7-5f5ec258-632e3d;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
expires
Tue, 05 Oct 2021 07:02:05 GMT
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
696780975dff4e80-FRA
cf-bgj
imgq:100,h2pri
/
newsmaker.md/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmaker.md/
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
x-litespeed-cache
hit
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=0
cf-ray
696780975e054e80-FRA
link
<https://newsmaker.md/wp-json/>; rel="https://api.w.org/" <https://newsmaker.md/wp-json/wp/v2/pages/409>; rel="alternate"; type="application/json" <https://newsmaker.md/>; rel=shortlink
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,500,600,700,800,900&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:33:20 GMT
x-content-type-options
nosniff
age
9329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:33:20 GMT
v2
an.yandex.ru/adfox/239538/getBulk/ 		23 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/239538/getBulk/v2?dl=https%3A%2F%2Fnewsmaker.md%2F&date=2021-09-29T19%3A08%3A49.189%2B00%3A00&pd=29&pdh=1200&pdw=1600&pr1=239462139&pr=3909110749&prr=&pv=19&pw=3&extid_loader=&extid_tag_loader=newsmaker.md&ylv=0.44378&ybv=0.44378&ytt=190216456636437&is-turbo=0&skip-token=&ad-session-id=6446471632942529159&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1138%2C%22h%22%3A0%2C%22width%22%3A1138%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A231%2C%22top%22%3A139%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=44378&p1=cczra&p2=y&slotNumber=1&bids=W10%3D&grab=dEPQsNC80YvQtSDQstCw0LbQvdGL0LUg0L3QvtCy0L7RgdGC0Lgg0JzQvtC70LTQvtCy0Ysg0Lgg0LzQuNGA0LAgLSBOZXdzTWFrZXIKMyDQnNC10LbQtNGDINCh0LXRgNCx0LjQtdC5INC4INCa0L7RgdC-0LLQviDQvtCx0L7RgdGC0YDQuNC70YHRjyDQutC-0L3RhNC70LjQutGCLiDQldGB0YLRjCDQu9C4INC-0L_QsNGB0L3QvtGB0YLRjCDQtNC70Y8g0LzQvtC70LTQsNCy0YHQutC40YUg0LzQuNGA0L7RgtCy0L7RgNGG0LXQsj8gCjMg0JIg0JzQvtC70LTQvtCy0LUg0LfQsCDRgdGD0YLQutC4INCy0YvRj9Cy0LjQu9C4INC_0L7Rh9GC0LggMSw2INGC0YvRgS4g0YHQu9GD0YfQsNC10LIg0LrQvtGA0L7QvdCw0LLQuNGA0YPRgdCwLiDQo9C80LXRgCAyMSDQsdC-0LvRjNC90L7QuSBDT1ZJRC0xOSAKMyDQotGD0YDRhtC40Y8g0L_QtdGA0LXQtNCw0LvQsCDQnNC-0LvQtNC-0LLQtSA3MCDRgtGL0YEuINC00L7QtyDQstCw0LrRhtC40L3RiyBTaW5vdmFjIAozINCSINC_0L7Qs9C-0L3QtSDQt9CwINC20LjQt9C90YzRji4g0JjRgdGC0L7RgNC40Y8g0JTQtdC90LjRgdCwIOKAlCDQviDRgNC40YHQutC1LCDQtNGA0LDQudCy0LUg0Lgg0LvRjtCx0LLQuCDQuiDQttC40LfQvdC4IAozINCSINCa0LjRiNC40L3QtdCy0LUg0L_RgNC-0LnQtNC10YIgwqvQndC-0YfRjCDQsdC40LHQu9C40L7RgtC10LrCuyAKMyDQotGP0LbQtdC70L7QsNGC0LvQtdGCINC40Lcg0JzQvtC70LTQvtCy0Ysg0LfQsNCy0L7QtdCy0LDQuyDQtNCy0LUg0LHRgNC-0L3Qt9C-0LLRi9C1INC80LXQtNCw0LvQuCDQvdCwINGH0LXQvNC_0LjQvtC90LDRgtC1INCV0LLRgNC-0L_RiyAKMyDQkiDQoNGD0LzRi9C90LjQuCwg0L3QsCDRhNC-0L3QtSDQstGB0L_Qu9C10YHQutCwINC30LDRgNCw0LbQtdC90LjQuSDQutC-0YDQvtC90LDQstC40YDRg9GB0L7QvCwg0YDQsNGB0YLQtdGCINGH0LjRgdC70L4g0LLQsNC60YbQuNC90LjRgNGD0Y7RidC40YXRgdGPIAozINCY0LPQvtGA0Ywg0JPRgNC-0YHRgyDQstGB0YLRgNC10YLQuNC70YHRjyDRgSDQv9GA0LXQt9C40LTQtdC90YLQvtC8INCT0LXRgNC80LDQvdC40LguINCn0YLQviDQvtC90Lgg0L7QsdGB0YPQtNC40LvQuD8gCjMg0J7Rh9C10YDQtdC00L3QvtC1INC30LDRgdC10LTQsNC90LjQtSDRgdGD0LTQsCDQv9C-INC40YHQutGDINGN0LrRgS3Qs9C70LDQstGLINCh0LvRg9C20LHRiyDQs9C-0YHQvtGF0YDQsNC90Ysg0L_RgNC-0YLQuNCyINCh0LDQvdC00YMg0L_QtdGA0LXQvdC10YHQu9C4LiDQmtC-0LPQtNCwINGB0L7RgdGC0L7QuNGC0YHRjyDRgdC70LXQtNGD0Y7RidC10LU_IAozINCc0LXQttC00YMg0KHQtdGA0LHQuNC10Lkg0Lgg0JrQvtGB0L7QstC-INC-0LHQvtGB0YLRgNC40LvRgdGPINC60L7QvdGE0LvQuNC60YIuINCV0YHRgtGMINC70Lgg0L7Qv9Cw0YHQvdC-0YHRgtGMINC00LvRjyDQvNC-0LvQtNCw0LLRgdC60LjRhSDQvNC40YDQvtGC0LLQvtGA0YbQtdCyPyAKMyDQnNCw0LnRjyDQodCw0L3QtNGDINCy&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C33%3B423093%2C0%2C52%3B409043%2C0%2C78%3B428734%2C0%2C66%3B423102%2C0%2C63%3B417820%2C0%2C41%3B426801%2C0%2C26%3B416749%2C0%2C84%3B415831%2C0%2C44%3B424221%2C0%2C24%3B420559%2C0%2C94%3B426973%2C0%2C23%3B429815%2C0%2C78%3B429457%2C0%2C93%3B204307%2C0%2C76&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22426251%22%2C%22testId%22%3A%22429571%22%7D%5D%2C%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%7B%22value%22%3A%5B%22secretmag.ru%22%2C%22passion.ru%22%2C%22rambler.ru%22%2C%22moslenta.ru%22%2C%22lenta.ru%22%2C%22letidor.ru%22%2C%22gazeta.ru%22%2C%22eda.ru%22%2C%22championat.com%22%2C%22motor.ru%22%2C%22afisha.ru%22%2C%22wmj.ru%22%2C%22quto.ru%22%2C%22livejournal.com%22%2C%22ferra.ru%22%5D%2C%22testId%22%3A%22391067%22%7D%5D%2C%22ENCODE_COOKIE%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22424001%22%7D%5D%2C%22ADAPTIVE_NO_RESIZE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426539%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22REMOVE_GRAB_LIMIT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427341%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428379%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%5D%2C%22testId%22%3A%22428394%22%7D%5D%2C%22TEST_EXP_VAS_CONFIG_IN_PCODE%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22428758%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22adaptive0418%22%2C%22adaptive%22%2C%22modernAdaptive%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22grid%22%2C%22160x600%22%2C%22240x400%22%2C%22200x300%22%2C%22300x300%22%2C%22300x250%22%2C%22250x250%22%2C%22728x90%22%2C%221000x120%22%2C%22320x50%22%2C%22320x100%22%2C%22400x240%22%2C%22320x480%22%2C%22480x320%22%2C%22336x280%22%2C%22300x600%22%2C%22300x500%22%2C%22970x250%22%2C%22970x90%22%2C%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%5D%2C%22testId%22%3A%22423093%22%7D%5D%2C%22ADAPTIVE_PRICE%22%3A%5B%7B%22value%22%3A%22badge%22%2C%22testId%22%3A%22423093%22%7D%5D%2C%22REACALCULATES_HEIGHT_IF_IFRAME%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22409043%22%7D%5D%2C%22SMART_BANNER_CLIENT_BUNDLE_EXP%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22428734%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22423102%22%7D%5D%2C%22IMAGE_STUB_BACKGROUND_TYPE%22%3A%5B%7B%22value%22%3A%22gradient%22%2C%22testId%22%3A%22417820%22%7D%5D%2C%22RTB_MEDIATESTTAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426801%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22415831%22%7D%5D%2C%22DISABLE_TGO_VIDEO_FOR_OID_EXP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22424221%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22disable%22%2C%22testId%22%3A%22420559%22%7D%2C%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22price%22%2C%22discount%22%2C%22image%22%5D%2C%22testId%22%3A%22426973%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_IF_AD_WAS_SEEN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_TIMEOUT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2244378%22%2C%22testId%22%3A%22429457%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=qY42OXc5EDN%2FRMn626aqFh7Ck0tY8%2BugnCSJNmndHEHLNT6MXRGM3z9s4%2BRqX%2BzkIl3OIYue8PcAFgANWJw964VvDhM%3D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
93.158.134.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
08d46216e74711f7a46b445bf8028b7cec8a68dd67d2696478f2a6deb7248704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 19:08:49 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1632942529339845-1200958586745741813600327-production-app-host-man-pcode-8
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://newsmaker.md
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 29 Sep 2021 19:08:49 GMT
v2
an.yandex.ru/adfox/239538/getBulk/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/239538/getBulk/v2?dl=https%3A%2F%2Fnewsmaker.md%2F&date=2021-09-29T19%3A08%3A49.207%2B00%3A00&pd=29&pdh=1200&pdw=1600&pr1=208180632&pr=3909110749&prr=&pv=19&pw=3&extid_loader=&extid_tag_loader=newsmaker.md&ylv=0.44378&ybv=0.44378&ytt=190216456636437&is-turbo=0&skip-token=&ad-session-id=6446471632942529159&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A748%2C%22h%22%3A0%2C%22width%22%3A748%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A231%2C%22top%22%3A463%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=44378&p1=ciejl&p2=y&slotNumber=3&bids=W10%3D&grab=dEPQsNC80YvQtSDQstCw0LbQvdGL0LUg0L3QvtCy0L7RgdGC0Lgg0JzQvtC70LTQvtCy0Ysg0Lgg0LzQuNGA0LAgLSBOZXdzTWFrZXIKMyDQnNC10LbQtNGDINCh0LXRgNCx0LjQtdC5INC4INCa0L7RgdC-0LLQviDQvtCx0L7RgdGC0YDQuNC70YHRjyDQutC-0L3RhNC70LjQutGCLiDQldGB0YLRjCDQu9C4INC-0L_QsNGB0L3QvtGB0YLRjCDQtNC70Y8g0LzQvtC70LTQsNCy0YHQutC40YUg0LzQuNGA0L7RgtCy0L7RgNGG0LXQsj8gCjMg0JIg0JzQvtC70LTQvtCy0LUg0LfQsCDRgdGD0YLQutC4INCy0YvRj9Cy0LjQu9C4INC_0L7Rh9GC0LggMSw2INGC0YvRgS4g0YHQu9GD0YfQsNC10LIg0LrQvtGA0L7QvdCw0LLQuNGA0YPRgdCwLiDQo9C80LXRgCAyMSDQsdC-0LvRjNC90L7QuSBDT1ZJRC0xOSAKMyDQotGD0YDRhtC40Y8g0L_QtdGA0LXQtNCw0LvQsCDQnNC-0LvQtNC-0LLQtSA3MCDRgtGL0YEuINC00L7QtyDQstCw0LrRhtC40L3RiyBTaW5vdmFjIAozINCSINC_0L7Qs9C-0L3QtSDQt9CwINC20LjQt9C90YzRji4g0JjRgdGC0L7RgNC40Y8g0JTQtdC90LjRgdCwIOKAlCDQviDRgNC40YHQutC1LCDQtNGA0LDQudCy0LUg0Lgg0LvRjtCx0LLQuCDQuiDQttC40LfQvdC4IAozINCSINCa0LjRiNC40L3QtdCy0LUg0L_RgNC-0LnQtNC10YIgwqvQndC-0YfRjCDQsdC40LHQu9C40L7RgtC10LrCuyAKMyDQotGP0LbQtdC70L7QsNGC0LvQtdGCINC40Lcg0JzQvtC70LTQvtCy0Ysg0LfQsNCy0L7QtdCy0LDQuyDQtNCy0LUg0LHRgNC-0L3Qt9C-0LLRi9C1INC80LXQtNCw0LvQuCDQvdCwINGH0LXQvNC_0LjQvtC90LDRgtC1INCV0LLRgNC-0L_RiyAKMyDQkiDQoNGD0LzRi9C90LjQuCwg0L3QsCDRhNC-0L3QtSDQstGB0L_Qu9C10YHQutCwINC30LDRgNCw0LbQtdC90LjQuSDQutC-0YDQvtC90LDQstC40YDRg9GB0L7QvCwg0YDQsNGB0YLQtdGCINGH0LjRgdC70L4g0LLQsNC60YbQuNC90LjRgNGD0Y7RidC40YXRgdGPIAozINCY0LPQvtGA0Ywg0JPRgNC-0YHRgyDQstGB0YLRgNC10YLQuNC70YHRjyDRgSDQv9GA0LXQt9C40LTQtdC90YLQvtC8INCT0LXRgNC80LDQvdC40LguINCn0YLQviDQvtC90Lgg0L7QsdGB0YPQtNC40LvQuD8gCjMg0J7Rh9C10YDQtdC00L3QvtC1INC30LDRgdC10LTQsNC90LjQtSDRgdGD0LTQsCDQv9C-INC40YHQutGDINGN0LrRgS3Qs9C70LDQstGLINCh0LvRg9C20LHRiyDQs9C-0YHQvtGF0YDQsNC90Ysg0L_RgNC-0YLQuNCyINCh0LDQvdC00YMg0L_QtdGA0LXQvdC10YHQu9C4LiDQmtC-0LPQtNCwINGB0L7RgdGC0L7QuNGC0YHRjyDRgdC70LXQtNGD0Y7RidC10LU_IAozINCc0LXQttC00YMg0KHQtdGA0LHQuNC10Lkg0Lgg0JrQvtGB0L7QstC-INC-0LHQvtGB0YLRgNC40LvRgdGPINC60L7QvdGE0LvQuNC60YIuINCV0YHRgtGMINC70Lgg0L7Qv9Cw0YHQvdC-0YHRgtGMINC00LvRjyDQvNC-0LvQtNCw0LLRgdC60LjRhSDQvNC40YDQvtGC0LLQvtGA0YbQtdCyPyAKMyDQnNCw0LnRjyDQodCw0L3QtNGDINCy&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C33%3B423093%2C0%2C52%3B409043%2C0%2C78%3B428734%2C0%2C66%3B423102%2C0%2C63%3B417820%2C0%2C41%3B426801%2C0%2C26%3B416749%2C0%2C84%3B415831%2C0%2C44%3B424221%2C0%2C24%3B420559%2C0%2C94%3B426973%2C0%2C23%3B429815%2C0%2C78%3B429457%2C0%2C93%3B204307%2C0%2C76&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22426251%22%2C%22testId%22%3A%22429571%22%7D%5D%2C%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%7B%22value%22%3A%5B%22secretmag.ru%22%2C%22passion.ru%22%2C%22rambler.ru%22%2C%22moslenta.ru%22%2C%22lenta.ru%22%2C%22letidor.ru%22%2C%22gazeta.ru%22%2C%22eda.ru%22%2C%22championat.com%22%2C%22motor.ru%22%2C%22afisha.ru%22%2C%22wmj.ru%22%2C%22quto.ru%22%2C%22livejournal.com%22%2C%22ferra.ru%22%5D%2C%22testId%22%3A%22391067%22%7D%5D%2C%22ENCODE_COOKIE%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22424001%22%7D%5D%2C%22ADAPTIVE_NO_RESIZE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426539%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22REMOVE_GRAB_LIMIT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427341%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428379%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%5D%2C%22testId%22%3A%22428394%22%7D%5D%2C%22TEST_EXP_VAS_CONFIG_IN_PCODE%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22428758%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22adaptive0418%22%2C%22adaptive%22%2C%22modernAdaptive%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22grid%22%2C%22160x600%22%2C%22240x400%22%2C%22200x300%22%2C%22300x300%22%2C%22300x250%22%2C%22250x250%22%2C%22728x90%22%2C%221000x120%22%2C%22320x50%22%2C%22320x100%22%2C%22400x240%22%2C%22320x480%22%2C%22480x320%22%2C%22336x280%22%2C%22300x600%22%2C%22300x500%22%2C%22970x250%22%2C%22970x90%22%2C%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%5D%2C%22testId%22%3A%22423093%22%7D%5D%2C%22ADAPTIVE_PRICE%22%3A%5B%7B%22value%22%3A%22badge%22%2C%22testId%22%3A%22423093%22%7D%5D%2C%22REACALCULATES_HEIGHT_IF_IFRAME%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22409043%22%7D%5D%2C%22SMART_BANNER_CLIENT_BUNDLE_EXP%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22428734%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22423102%22%7D%5D%2C%22IMAGE_STUB_BACKGROUND_TYPE%22%3A%5B%7B%22value%22%3A%22gradient%22%2C%22testId%22%3A%22417820%22%7D%5D%2C%22RTB_MEDIATESTTAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426801%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22415831%22%7D%5D%2C%22DISABLE_TGO_VIDEO_FOR_OID_EXP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22424221%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22disable%22%2C%22testId%22%3A%22420559%22%7D%2C%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22price%22%2C%22discount%22%2C%22image%22%5D%2C%22testId%22%3A%22426973%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_IF_AD_WAS_SEEN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_TIMEOUT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2244378%22%2C%22testId%22%3A%22429457%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=qY42OXc5EDN%2FRMn626aqFh7Ck0tY8%2BugnCSJNmndHEHLNT6MXRGM3z9s4%2BRqX%2BzkIl3OIYue8PcAFgANWJw964VvDhM%3D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
93.158.134.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
b761b30cfb2931391b30c212c699193f7245cf56a56adadea60519b46a73acea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 19:08:49 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1632942529385084-1008178683090034037200321-production-app-host-man-pcode-52
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://newsmaker.md
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 29 Sep 2021 19:08:49 GMT
v2
an.yandex.ru/adfox/239538/getBulk/ 		171 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/239538/getBulk/v2?dl=https%3A%2F%2Fnewsmaker.md%2F&date=2021-09-29T19%3A08%3A49.213%2B00%3A00&pd=29&pdh=1200&pdw=1600&pr1=2732975360&pr=3909110749&prr=&pv=19&pw=3&extid_loader=&extid_tag_loader=newsmaker.md&ylv=0.44378&ybv=0.44378&ytt=190216456636437&is-turbo=0&skip-token=&ad-session-id=6446471632942529159&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A748%2C%22h%22%3A0%2C%22width%22%3A748%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A231%2C%22top%22%3A1803%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=44378&p1=cphsz&p2=y&slotNumber=5&bids=W10%3D&grab=dEPQsNC80YvQtSDQstCw0LbQvdGL0LUg0L3QvtCy0L7RgdGC0Lgg0JzQvtC70LTQvtCy0Ysg0Lgg0LzQuNGA0LAgLSBOZXdzTWFrZXIKMyDQnNC10LbQtNGDINCh0LXRgNCx0LjQtdC5INC4INCa0L7RgdC-0LLQviDQvtCx0L7RgdGC0YDQuNC70YHRjyDQutC-0L3RhNC70LjQutGCLiDQldGB0YLRjCDQu9C4INC-0L_QsNGB0L3QvtGB0YLRjCDQtNC70Y8g0LzQvtC70LTQsNCy0YHQutC40YUg0LzQuNGA0L7RgtCy0L7RgNGG0LXQsj8gCjMg0JIg0JzQvtC70LTQvtCy0LUg0LfQsCDRgdGD0YLQutC4INCy0YvRj9Cy0LjQu9C4INC_0L7Rh9GC0LggMSw2INGC0YvRgS4g0YHQu9GD0YfQsNC10LIg0LrQvtGA0L7QvdCw0LLQuNGA0YPRgdCwLiDQo9C80LXRgCAyMSDQsdC-0LvRjNC90L7QuSBDT1ZJRC0xOSAKMyDQotGD0YDRhtC40Y8g0L_QtdGA0LXQtNCw0LvQsCDQnNC-0LvQtNC-0LLQtSA3MCDRgtGL0YEuINC00L7QtyDQstCw0LrRhtC40L3RiyBTaW5vdmFjIAozINCSINC_0L7Qs9C-0L3QtSDQt9CwINC20LjQt9C90YzRji4g0JjRgdGC0L7RgNC40Y8g0JTQtdC90LjRgdCwIOKAlCDQviDRgNC40YHQutC1LCDQtNGA0LDQudCy0LUg0Lgg0LvRjtCx0LLQuCDQuiDQttC40LfQvdC4IAozINCSINCa0LjRiNC40L3QtdCy0LUg0L_RgNC-0LnQtNC10YIgwqvQndC-0YfRjCDQsdC40LHQu9C40L7RgtC10LrCuyAKMyDQotGP0LbQtdC70L7QsNGC0LvQtdGCINC40Lcg0JzQvtC70LTQvtCy0Ysg0LfQsNCy0L7QtdCy0LDQuyDQtNCy0LUg0LHRgNC-0L3Qt9C-0LLRi9C1INC80LXQtNCw0LvQuCDQvdCwINGH0LXQvNC_0LjQvtC90LDRgtC1INCV0LLRgNC-0L_RiyAKMyDQkiDQoNGD0LzRi9C90LjQuCwg0L3QsCDRhNC-0L3QtSDQstGB0L_Qu9C10YHQutCwINC30LDRgNCw0LbQtdC90LjQuSDQutC-0YDQvtC90LDQstC40YDRg9GB0L7QvCwg0YDQsNGB0YLQtdGCINGH0LjRgdC70L4g0LLQsNC60YbQuNC90LjRgNGD0Y7RidC40YXRgdGPIAozINCY0LPQvtGA0Ywg0JPRgNC-0YHRgyDQstGB0YLRgNC10YLQuNC70YHRjyDRgSDQv9GA0LXQt9C40LTQtdC90YLQvtC8INCT0LXRgNC80LDQvdC40LguINCn0YLQviDQvtC90Lgg0L7QsdGB0YPQtNC40LvQuD8gCjMg0J7Rh9C10YDQtdC00L3QvtC1INC30LDRgdC10LTQsNC90LjQtSDRgdGD0LTQsCDQv9C-INC40YHQutGDINGN0LrRgS3Qs9C70LDQstGLINCh0LvRg9C20LHRiyDQs9C-0YHQvtGF0YDQsNC90Ysg0L_RgNC-0YLQuNCyINCh0LDQvdC00YMg0L_QtdGA0LXQvdC10YHQu9C4LiDQmtC-0LPQtNCwINGB0L7RgdGC0L7QuNGC0YHRjyDRgdC70LXQtNGD0Y7RidC10LU_IAozINCc0LXQttC00YMg0KHQtdGA0LHQuNC10Lkg0Lgg0JrQvtGB0L7QstC-INC-0LHQvtGB0YLRgNC40LvRgdGPINC60L7QvdGE0LvQuNC60YIuINCV0YHRgtGMINC70Lgg0L7Qv9Cw0YHQvdC-0YHRgtGMINC00LvRjyDQvNC-0LvQtNCw0LLRgdC60LjRhSDQvNC40YDQvtGC0LLQvtGA0YbQtdCyPyAKMyDQnNCw0LnRjyDQodCw0L3QtNGDINCy&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C33%3B423093%2C0%2C52%3B409043%2C0%2C78%3B428734%2C0%2C66%3B423102%2C0%2C63%3B417820%2C0%2C41%3B426801%2C0%2C26%3B416749%2C0%2C84%3B415831%2C0%2C44%3B424221%2C0%2C24%3B420559%2C0%2C94%3B426973%2C0%2C23%3B429815%2C0%2C78%3B429457%2C0%2C93%3B204307%2C0%2C76&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22426251%22%2C%22testId%22%3A%22429571%22%7D%5D%2C%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%7B%22value%22%3A%5B%22secretmag.ru%22%2C%22passion.ru%22%2C%22rambler.ru%22%2C%22moslenta.ru%22%2C%22lenta.ru%22%2C%22letidor.ru%22%2C%22gazeta.ru%22%2C%22eda.ru%22%2C%22championat.com%22%2C%22motor.ru%22%2C%22afisha.ru%22%2C%22wmj.ru%22%2C%22quto.ru%22%2C%22livejournal.com%22%2C%22ferra.ru%22%5D%2C%22testId%22%3A%22391067%22%7D%5D%2C%22ENCODE_COOKIE%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22424001%22%7D%5D%2C%22ADAPTIVE_NO_RESIZE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426539%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22REMOVE_GRAB_LIMIT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427341%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428379%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%5D%2C%22testId%22%3A%22428394%22%7D%5D%2C%22TEST_EXP_VAS_CONFIG_IN_PCODE%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22428758%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22adaptive0418%22%2C%22adaptive%22%2C%22modernAdaptive%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22grid%22%2C%22160x600%22%2C%22240x400%22%2C%22200x300%22%2C%22300x300%22%2C%22300x250%22%2C%22250x250%22%2C%22728x90%22%2C%221000x120%22%2C%22320x50%22%2C%22320x100%22%2C%22400x240%22%2C%22320x480%22%2C%22480x320%22%2C%22336x280%22%2C%22300x600%22%2C%22300x500%22%2C%22970x250%22%2C%22970x90%22%2C%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%5D%2C%22testId%22%3A%22423093%22%7D%5D%2C%22ADAPTIVE_PRICE%22%3A%5B%7B%22value%22%3A%22badge%22%2C%22testId%22%3A%22423093%22%7D%5D%2C%22REACALCULATES_HEIGHT_IF_IFRAME%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22409043%22%7D%5D%2C%22SMART_BANNER_CLIENT_BUNDLE_EXP%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22428734%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22423102%22%7D%5D%2C%22IMAGE_STUB_BACKGROUND_TYPE%22%3A%5B%7B%22value%22%3A%22gradient%22%2C%22testId%22%3A%22417820%22%7D%5D%2C%22RTB_MEDIATESTTAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426801%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22415831%22%7D%5D%2C%22DISABLE_TGO_VIDEO_FOR_OID_EXP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22424221%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22disable%22%2C%22testId%22%3A%22420559%22%7D%2C%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22price%22%2C%22discount%22%2C%22image%22%5D%2C%22testId%22%3A%22426973%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_IF_AD_WAS_SEEN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_TIMEOUT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2244378%22%2C%22testId%22%3A%22429457%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=qY42OXc5EDN%2FRMn626aqFh7Ck0tY8%2BugnCSJNmndHEHLNT6MXRGM3z9s4%2BRqX%2BzkIl3OIYue8PcAFgANWJw964VvDhM%3D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
93.158.134.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
3ef745ebabd95d4bff53f7d91d55c27f539f3639636d0d34cb308c260f83ab6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 19:08:49 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1632942529393609-1473613865434270112800327-production-app-host-sas-pcode-96
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://newsmaker.md
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 29 Sep 2021 19:08:49 GMT
v2
an.yandex.ru/adfox/239538/getBulk/ 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/239538/getBulk/v2?dl=https%3A%2F%2Fnewsmaker.md%2F&date=2021-09-29T19%3A08%3A49.218%2B00%3A00&pd=29&pdh=1200&pdw=1600&pr1=1323205114&pr=3909110749&prr=&pv=19&pw=3&extid_loader=&extid_tag_loader=newsmaker.md&ylv=0.44378&ybv=0.44378&ytt=190216456636437&is-turbo=0&skip-token=&ad-session-id=6446471632942529159&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A748%2C%22h%22%3A0%2C%22width%22%3A748%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A231%2C%22top%22%3A6011%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=44378&p1=cczrd&p2=y&slotNumber=7&bids=W10%3D&grab=dEPQsNC80YvQtSDQstCw0LbQvdGL0LUg0L3QvtCy0L7RgdGC0Lgg0JzQvtC70LTQvtCy0Ysg0Lgg0LzQuNGA0LAgLSBOZXdzTWFrZXIKMyDQnNC10LbQtNGDINCh0LXRgNCx0LjQtdC5INC4INCa0L7RgdC-0LLQviDQvtCx0L7RgdGC0YDQuNC70YHRjyDQutC-0L3RhNC70LjQutGCLiDQldGB0YLRjCDQu9C4INC-0L_QsNGB0L3QvtGB0YLRjCDQtNC70Y8g0LzQvtC70LTQsNCy0YHQutC40YUg0LzQuNGA0L7RgtCy0L7RgNGG0LXQsj8gCjMg0JIg0JzQvtC70LTQvtCy0LUg0LfQsCDRgdGD0YLQutC4INCy0YvRj9Cy0LjQu9C4INC_0L7Rh9GC0LggMSw2INGC0YvRgS4g0YHQu9GD0YfQsNC10LIg0LrQvtGA0L7QvdCw0LLQuNGA0YPRgdCwLiDQo9C80LXRgCAyMSDQsdC-0LvRjNC90L7QuSBDT1ZJRC0xOSAKMyDQotGD0YDRhtC40Y8g0L_QtdGA0LXQtNCw0LvQsCDQnNC-0LvQtNC-0LLQtSA3MCDRgtGL0YEuINC00L7QtyDQstCw0LrRhtC40L3RiyBTaW5vdmFjIAozINCSINC_0L7Qs9C-0L3QtSDQt9CwINC20LjQt9C90YzRji4g0JjRgdGC0L7RgNC40Y8g0JTQtdC90LjRgdCwIOKAlCDQviDRgNC40YHQutC1LCDQtNGA0LDQudCy0LUg0Lgg0LvRjtCx0LLQuCDQuiDQttC40LfQvdC4IAozINCSINCa0LjRiNC40L3QtdCy0LUg0L_RgNC-0LnQtNC10YIgwqvQndC-0YfRjCDQsdC40LHQu9C40L7RgtC10LrCuyAKMyDQotGP0LbQtdC70L7QsNGC0LvQtdGCINC40Lcg0JzQvtC70LTQvtCy0Ysg0LfQsNCy0L7QtdCy0LDQuyDQtNCy0LUg0LHRgNC-0L3Qt9C-0LLRi9C1INC80LXQtNCw0LvQuCDQvdCwINGH0LXQvNC_0LjQvtC90LDRgtC1INCV0LLRgNC-0L_RiyAKMyDQkiDQoNGD0LzRi9C90LjQuCwg0L3QsCDRhNC-0L3QtSDQstGB0L_Qu9C10YHQutCwINC30LDRgNCw0LbQtdC90LjQuSDQutC-0YDQvtC90LDQstC40YDRg9GB0L7QvCwg0YDQsNGB0YLQtdGCINGH0LjRgdC70L4g0LLQsNC60YbQuNC90LjRgNGD0Y7RidC40YXRgdGPIAozINCY0LPQvtGA0Ywg0JPRgNC-0YHRgyDQstGB0YLRgNC10YLQuNC70YHRjyDRgSDQv9GA0LXQt9C40LTQtdC90YLQvtC8INCT0LXRgNC80LDQvdC40LguINCn0YLQviDQvtC90Lgg0L7QsdGB0YPQtNC40LvQuD8gCjMg0J7Rh9C10YDQtdC00L3QvtC1INC30LDRgdC10LTQsNC90LjQtSDRgdGD0LTQsCDQv9C-INC40YHQutGDINGN0LrRgS3Qs9C70LDQstGLINCh0LvRg9C20LHRiyDQs9C-0YHQvtGF0YDQsNC90Ysg0L_RgNC-0YLQuNCyINCh0LDQvdC00YMg0L_QtdGA0LXQvdC10YHQu9C4LiDQmtC-0LPQtNCwINGB0L7RgdGC0L7QuNGC0YHRjyDRgdC70LXQtNGD0Y7RidC10LU_IAozINCc0LXQttC00YMg0KHQtdGA0LHQuNC10Lkg0Lgg0JrQvtGB0L7QstC-INC-0LHQvtGB0YLRgNC40LvRgdGPINC60L7QvdGE0LvQuNC60YIuINCV0YHRgtGMINC70Lgg0L7Qv9Cw0YHQvdC-0YHRgtGMINC00LvRjyDQvNC-0LvQtNCw0LLRgdC60LjRhSDQvNC40YDQvtGC0LLQvtGA0YbQtdCyPyAKMyDQnNCw0LnRjyDQodCw0L3QtNGDINCy&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C33%3B423093%2C0%2C52%3B409043%2C0%2C78%3B428734%2C0%2C66%3B423102%2C0%2C63%3B417820%2C0%2C41%3B426801%2C0%2C26%3B416749%2C0%2C84%3B415831%2C0%2C44%3B424221%2C0%2C24%3B420559%2C0%2C94%3B426973%2C0%2C23%3B429815%2C0%2C78%3B429457%2C0%2C93%3B204307%2C0%2C76&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22426251%22%2C%22testId%22%3A%22429571%22%7D%5D%2C%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%7B%22value%22%3A%5B%22secretmag.ru%22%2C%22passion.ru%22%2C%22rambler.ru%22%2C%22moslenta.ru%22%2C%22lenta.ru%22%2C%22letidor.ru%22%2C%22gazeta.ru%22%2C%22eda.ru%22%2C%22championat.com%22%2C%22motor.ru%22%2C%22afisha.ru%22%2C%22wmj.ru%22%2C%22quto.ru%22%2C%22livejournal.com%22%2C%22ferra.ru%22%5D%2C%22testId%22%3A%22391067%22%7D%5D%2C%22ENCODE_COOKIE%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22424001%22%7D%5D%2C%22ADAPTIVE_NO_RESIZE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426539%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22REMOVE_GRAB_LIMIT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427341%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428379%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%5D%2C%22testId%22%3A%22428394%22%7D%5D%2C%22TEST_EXP_VAS_CONFIG_IN_PCODE%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22428758%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22adaptive0418%22%2C%22adaptive%22%2C%22modernAdaptive%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22grid%22%2C%22160x600%22%2C%22240x400%22%2C%22200x300%22%2C%22300x300%22%2C%22300x250%22%2C%22250x250%22%2C%22728x90%22%2C%221000x120%22%2C%22320x50%22%2C%22320x100%22%2C%22400x240%22%2C%22320x480%22%2C%22480x320%22%2C%22336x280%22%2C%22300x600%22%2C%22300x500%22%2C%22970x250%22%2C%22970x90%22%2C%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%5D%2C%22testId%22%3A%22423093%22%7D%5D%2C%22ADAPTIVE_PRICE%22%3A%5B%7B%22value%22%3A%22badge%22%2C%22testId%22%3A%22423093%22%7D%5D%2C%22REACALCULATES_HEIGHT_IF_IFRAME%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22409043%22%7D%5D%2C%22SMART_BANNER_CLIENT_BUNDLE_EXP%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22428734%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22423102%22%7D%5D%2C%22IMAGE_STUB_BACKGROUND_TYPE%22%3A%5B%7B%22value%22%3A%22gradient%22%2C%22testId%22%3A%22417820%22%7D%5D%2C%22RTB_MEDIATESTTAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426801%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22415831%22%7D%5D%2C%22DISABLE_TGO_VIDEO_FOR_OID_EXP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22424221%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22disable%22%2C%22testId%22%3A%22420559%22%7D%2C%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22price%22%2C%22discount%22%2C%22image%22%5D%2C%22testId%22%3A%22426973%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_IF_AD_WAS_SEEN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_TIMEOUT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2244378%22%2C%22testId%22%3A%22429457%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=qY42OXc5EDN%2FRMn626aqFh7Ck0tY8%2BugnCSJNmndHEHLNT6MXRGM3z9s4%2BRqX%2BzkIl3OIYue8PcAFgANWJw964VvDhM%3D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
93.158.134.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
b59782378e9672b3938e95d8dbcd37279b28c4963aec93667717bfac0b39c6f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 19:08:49 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1632942529393806-879027358424810285000321-production-app-host-sas-pcode-238
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://newsmaker.md
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 29 Sep 2021 19:08:49 GMT
v2
an.yandex.ru/adfox/239538/getBulk/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/239538/getBulk/v2?dl=https%3A%2F%2Fnewsmaker.md%2F&date=2021-09-29T19%3A08%3A49.224%2B00%3A00&pd=29&pdh=1200&pdw=1600&pr1=2652568445&pr=3909110749&prr=&pv=19&pw=3&extid_loader=&extid_tag_loader=newsmaker.md&ylv=0.44378&ybv=0.44378&ytt=190216456636437&is-turbo=0&skip-token=&ad-session-id=6446471632942529159&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1060%2C%22top%22%3A1441%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=44378&p1=cgisv&p2=fmoq&slotNumber=9&bids=W10%3D&grab=dEPQsNC80YvQtSDQstCw0LbQvdGL0LUg0L3QvtCy0L7RgdGC0Lgg0JzQvtC70LTQvtCy0Ysg0Lgg0LzQuNGA0LAgLSBOZXdzTWFrZXIKMyDQnNC10LbQtNGDINCh0LXRgNCx0LjQtdC5INC4INCa0L7RgdC-0LLQviDQvtCx0L7RgdGC0YDQuNC70YHRjyDQutC-0L3RhNC70LjQutGCLiDQldGB0YLRjCDQu9C4INC-0L_QsNGB0L3QvtGB0YLRjCDQtNC70Y8g0LzQvtC70LTQsNCy0YHQutC40YUg0LzQuNGA0L7RgtCy0L7RgNGG0LXQsj8gCjMg0JIg0JzQvtC70LTQvtCy0LUg0LfQsCDRgdGD0YLQutC4INCy0YvRj9Cy0LjQu9C4INC_0L7Rh9GC0LggMSw2INGC0YvRgS4g0YHQu9GD0YfQsNC10LIg0LrQvtGA0L7QvdCw0LLQuNGA0YPRgdCwLiDQo9C80LXRgCAyMSDQsdC-0LvRjNC90L7QuSBDT1ZJRC0xOSAKMyDQotGD0YDRhtC40Y8g0L_QtdGA0LXQtNCw0LvQsCDQnNC-0LvQtNC-0LLQtSA3MCDRgtGL0YEuINC00L7QtyDQstCw0LrRhtC40L3RiyBTaW5vdmFjIAozINCSINC_0L7Qs9C-0L3QtSDQt9CwINC20LjQt9C90YzRji4g0JjRgdGC0L7RgNC40Y8g0JTQtdC90LjRgdCwIOKAlCDQviDRgNC40YHQutC1LCDQtNGA0LDQudCy0LUg0Lgg0LvRjtCx0LLQuCDQuiDQttC40LfQvdC4IAozINCSINCa0LjRiNC40L3QtdCy0LUg0L_RgNC-0LnQtNC10YIgwqvQndC-0YfRjCDQsdC40LHQu9C40L7RgtC10LrCuyAKMyDQotGP0LbQtdC70L7QsNGC0LvQtdGCINC40Lcg0JzQvtC70LTQvtCy0Ysg0LfQsNCy0L7QtdCy0LDQuyDQtNCy0LUg0LHRgNC-0L3Qt9C-0LLRi9C1INC80LXQtNCw0LvQuCDQvdCwINGH0LXQvNC_0LjQvtC90LDRgtC1INCV0LLRgNC-0L_RiyAKMyDQkiDQoNGD0LzRi9C90LjQuCwg0L3QsCDRhNC-0L3QtSDQstGB0L_Qu9C10YHQutCwINC30LDRgNCw0LbQtdC90LjQuSDQutC-0YDQvtC90LDQstC40YDRg9GB0L7QvCwg0YDQsNGB0YLQtdGCINGH0LjRgdC70L4g0LLQsNC60YbQuNC90LjRgNGD0Y7RidC40YXRgdGPIAozINCY0LPQvtGA0Ywg0JPRgNC-0YHRgyDQstGB0YLRgNC10YLQuNC70YHRjyDRgSDQv9GA0LXQt9C40LTQtdC90YLQvtC8INCT0LXRgNC80LDQvdC40LguINCn0YLQviDQvtC90Lgg0L7QsdGB0YPQtNC40LvQuD8gCjMg0J7Rh9C10YDQtdC00L3QvtC1INC30LDRgdC10LTQsNC90LjQtSDRgdGD0LTQsCDQv9C-INC40YHQutGDINGN0LrRgS3Qs9C70LDQstGLINCh0LvRg9C20LHRiyDQs9C-0YHQvtGF0YDQsNC90Ysg0L_RgNC-0YLQuNCyINCh0LDQvdC00YMg0L_QtdGA0LXQvdC10YHQu9C4LiDQmtC-0LPQtNCwINGB0L7RgdGC0L7QuNGC0YHRjyDRgdC70LXQtNGD0Y7RidC10LU_IAozINCc0LXQttC00YMg0KHQtdGA0LHQuNC10Lkg0Lgg0JrQvtGB0L7QstC-INC-0LHQvtGB0YLRgNC40LvRgdGPINC60L7QvdGE0LvQuNC60YIuINCV0YHRgtGMINC70Lgg0L7Qv9Cw0YHQvdC-0YHRgtGMINC00LvRjyDQvNC-0LvQtNCw0LLRgdC60LjRhSDQvNC40YDQvtGC0LLQvtGA0YbQtdCyPyAKMyDQnNCw0LnRjyDQodCw0L3QtNGDINCy&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C33%3B423093%2C0%2C52%3B409043%2C0%2C78%3B428734%2C0%2C66%3B423102%2C0%2C63%3B417820%2C0%2C41%3B426801%2C0%2C26%3B416749%2C0%2C84%3B415831%2C0%2C44%3B424221%2C0%2C24%3B420559%2C0%2C94%3B426973%2C0%2C23%3B429815%2C0%2C78%3B429457%2C0%2C93%3B204307%2C0%2C76&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22426251%22%2C%22testId%22%3A%22429571%22%7D%5D%2C%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%7B%22value%22%3A%5B%22secretmag.ru%22%2C%22passion.ru%22%2C%22rambler.ru%22%2C%22moslenta.ru%22%2C%22lenta.ru%22%2C%22letidor.ru%22%2C%22gazeta.ru%22%2C%22eda.ru%22%2C%22championat.com%22%2C%22motor.ru%22%2C%22afisha.ru%22%2C%22wmj.ru%22%2C%22quto.ru%22%2C%22livejournal.com%22%2C%22ferra.ru%22%5D%2C%22testId%22%3A%22391067%22%7D%5D%2C%22ENCODE_COOKIE%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22424001%22%7D%5D%2C%22ADAPTIVE_NO_RESIZE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426539%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22REMOVE_GRAB_LIMIT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427341%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428379%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%5D%2C%22testId%22%3A%22428394%22%7D%5D%2C%22TEST_EXP_VAS_CONFIG_IN_PCODE%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22428758%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22adaptive0418%22%2C%22adaptive%22%2C%22modernAdaptive%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22grid%22%2C%22160x600%22%2C%22240x400%22%2C%22200x300%22%2C%22300x300%22%2C%22300x250%22%2C%22250x250%22%2C%22728x90%22%2C%221000x120%22%2C%22320x50%22%2C%22320x100%22%2C%22400x240%22%2C%22320x480%22%2C%22480x320%22%2C%22336x280%22%2C%22300x600%22%2C%22300x500%22%2C%22970x250%22%2C%22970x90%22%2C%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%5D%2C%22testId%22%3A%22423093%22%7D%5D%2C%22ADAPTIVE_PRICE%22%3A%5B%7B%22value%22%3A%22badge%22%2C%22testId%22%3A%22423093%22%7D%5D%2C%22REACALCULATES_HEIGHT_IF_IFRAME%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22409043%22%7D%5D%2C%22SMART_BANNER_CLIENT_BUNDLE_EXP%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22428734%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22423102%22%7D%5D%2C%22IMAGE_STUB_BACKGROUND_TYPE%22%3A%5B%7B%22value%22%3A%22gradient%22%2C%22testId%22%3A%22417820%22%7D%5D%2C%22RTB_MEDIATESTTAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426801%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22415831%22%7D%5D%2C%22DISABLE_TGO_VIDEO_FOR_OID_EXP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22424221%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22disable%22%2C%22testId%22%3A%22420559%22%7D%2C%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22price%22%2C%22discount%22%2C%22image%22%5D%2C%22testId%22%3A%22426973%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_IF_AD_WAS_SEEN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_TIMEOUT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2244378%22%2C%22testId%22%3A%22429457%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=qY42OXc5EDN%2FRMn626aqFh7Ck0tY8%2BugnCSJNmndHEHLNT6MXRGM3z9s4%2BRqX%2BzkIl3OIYue8PcAFgANWJw964VvDhM%3D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
93.158.134.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
bbbe8aa3c209729aa9ea758a124fdb1b3ee9399e94c0a8cace73a531385ab636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 19:08:49 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1632942529407718-465039962293605594200353-production-app-host-vla-pcode-21
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://newsmaker.md
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 29 Sep 2021 19:08:49 GMT
v2
an.yandex.ru/adfox/239538/getBulk/ 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/239538/getBulk/v2?dl=https%3A%2F%2Fnewsmaker.md%2F&date=2021-09-29T19%3A08%3A49.233%2B00%3A00&pd=29&pdh=1200&pdw=1600&pr1=2165031557&pr=3909110749&prr=&pv=19&pw=3&extid_loader=&extid_tag_loader=newsmaker.md&ylv=0.44378&ybv=0.44378&ytt=190216456636437&is-turbo=0&skip-token=&ad-session-id=6446471632942529159&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A360%2C%22h%22%3A0%2C%22width%22%3A360%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1030%2C%22top%22%3A3770%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A5%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=44378&p1=chdfd&p2=fwgw&slotNumber=11&bids=W10%3D&grab=dEPQsNC80YvQtSDQstCw0LbQvdGL0LUg0L3QvtCy0L7RgdGC0Lgg0JzQvtC70LTQvtCy0Ysg0Lgg0LzQuNGA0LAgLSBOZXdzTWFrZXIKMyDQnNC10LbQtNGDINCh0LXRgNCx0LjQtdC5INC4INCa0L7RgdC-0LLQviDQvtCx0L7RgdGC0YDQuNC70YHRjyDQutC-0L3RhNC70LjQutGCLiDQldGB0YLRjCDQu9C4INC-0L_QsNGB0L3QvtGB0YLRjCDQtNC70Y8g0LzQvtC70LTQsNCy0YHQutC40YUg0LzQuNGA0L7RgtCy0L7RgNGG0LXQsj8gCjMg0JIg0JzQvtC70LTQvtCy0LUg0LfQsCDRgdGD0YLQutC4INCy0YvRj9Cy0LjQu9C4INC_0L7Rh9GC0LggMSw2INGC0YvRgS4g0YHQu9GD0YfQsNC10LIg0LrQvtGA0L7QvdCw0LLQuNGA0YPRgdCwLiDQo9C80LXRgCAyMSDQsdC-0LvRjNC90L7QuSBDT1ZJRC0xOSAKMyDQotGD0YDRhtC40Y8g0L_QtdGA0LXQtNCw0LvQsCDQnNC-0LvQtNC-0LLQtSA3MCDRgtGL0YEuINC00L7QtyDQstCw0LrRhtC40L3RiyBTaW5vdmFjIAozINCSINC_0L7Qs9C-0L3QtSDQt9CwINC20LjQt9C90YzRji4g0JjRgdGC0L7RgNC40Y8g0JTQtdC90LjRgdCwIOKAlCDQviDRgNC40YHQutC1LCDQtNGA0LDQudCy0LUg0Lgg0LvRjtCx0LLQuCDQuiDQttC40LfQvdC4IAozINCSINCa0LjRiNC40L3QtdCy0LUg0L_RgNC-0LnQtNC10YIgwqvQndC-0YfRjCDQsdC40LHQu9C40L7RgtC10LrCuyAKMyDQotGP0LbQtdC70L7QsNGC0LvQtdGCINC40Lcg0JzQvtC70LTQvtCy0Ysg0LfQsNCy0L7QtdCy0LDQuyDQtNCy0LUg0LHRgNC-0L3Qt9C-0LLRi9C1INC80LXQtNCw0LvQuCDQvdCwINGH0LXQvNC_0LjQvtC90LDRgtC1INCV0LLRgNC-0L_RiyAKMyDQkiDQoNGD0LzRi9C90LjQuCwg0L3QsCDRhNC-0L3QtSDQstGB0L_Qu9C10YHQutCwINC30LDRgNCw0LbQtdC90LjQuSDQutC-0YDQvtC90LDQstC40YDRg9GB0L7QvCwg0YDQsNGB0YLQtdGCINGH0LjRgdC70L4g0LLQsNC60YbQuNC90LjRgNGD0Y7RidC40YXRgdGPIAozINCY0LPQvtGA0Ywg0JPRgNC-0YHRgyDQstGB0YLRgNC10YLQuNC70YHRjyDRgSDQv9GA0LXQt9C40LTQtdC90YLQvtC8INCT0LXRgNC80LDQvdC40LguINCn0YLQviDQvtC90Lgg0L7QsdGB0YPQtNC40LvQuD8gCjMg0J7Rh9C10YDQtdC00L3QvtC1INC30LDRgdC10LTQsNC90LjQtSDRgdGD0LTQsCDQv9C-INC40YHQutGDINGN0LrRgS3Qs9C70LDQstGLINCh0LvRg9C20LHRiyDQs9C-0YHQvtGF0YDQsNC90Ysg0L_RgNC-0YLQuNCyINCh0LDQvdC00YMg0L_QtdGA0LXQvdC10YHQu9C4LiDQmtC-0LPQtNCwINGB0L7RgdGC0L7QuNGC0YHRjyDRgdC70LXQtNGD0Y7RidC10LU_IAozINCc0LXQttC00YMg0KHQtdGA0LHQuNC10Lkg0Lgg0JrQvtGB0L7QstC-INC-0LHQvtGB0YLRgNC40LvRgdGPINC60L7QvdGE0LvQuNC60YIuINCV0YHRgtGMINC70Lgg0L7Qv9Cw0YHQvdC-0YHRgtGMINC00LvRjyDQvNC-0LvQtNCw0LLRgdC60LjRhSDQvNC40YDQvtGC0LLQvtGA0YbQtdCyPyAKMyDQnNCw0LnRjyDQodCw0L3QtNGDINCy&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C33%3B423093%2C0%2C52%3B409043%2C0%2C78%3B428734%2C0%2C66%3B423102%2C0%2C63%3B417820%2C0%2C41%3B426801%2C0%2C26%3B416749%2C0%2C84%3B415831%2C0%2C44%3B424221%2C0%2C24%3B420559%2C0%2C94%3B426973%2C0%2C23%3B429815%2C0%2C78%3B429457%2C0%2C93%3B204307%2C0%2C76&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22426251%22%2C%22testId%22%3A%22429571%22%7D%5D%2C%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%7B%22value%22%3A%5B%22secretmag.ru%22%2C%22passion.ru%22%2C%22rambler.ru%22%2C%22moslenta.ru%22%2C%22lenta.ru%22%2C%22letidor.ru%22%2C%22gazeta.ru%22%2C%22eda.ru%22%2C%22championat.com%22%2C%22motor.ru%22%2C%22afisha.ru%22%2C%22wmj.ru%22%2C%22quto.ru%22%2C%22livejournal.com%22%2C%22ferra.ru%22%5D%2C%22testId%22%3A%22391067%22%7D%5D%2C%22ENCODE_COOKIE%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22424001%22%7D%5D%2C%22ADAPTIVE_NO_RESIZE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426539%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22REMOVE_GRAB_LIMIT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427341%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428379%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%5D%2C%22testId%22%3A%22428394%22%7D%5D%2C%22TEST_EXP_VAS_CONFIG_IN_PCODE%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22428758%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22adaptive0418%22%2C%22adaptive%22%2C%22modernAdaptive%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22grid%22%2C%22160x600%22%2C%22240x400%22%2C%22200x300%22%2C%22300x300%22%2C%22300x250%22%2C%22250x250%22%2C%22728x90%22%2C%221000x120%22%2C%22320x50%22%2C%22320x100%22%2C%22400x240%22%2C%22320x480%22%2C%22480x320%22%2C%22336x280%22%2C%22300x600%22%2C%22300x500%22%2C%22970x250%22%2C%22970x90%22%2C%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%5D%2C%22testId%22%3A%22423093%22%7D%5D%2C%22ADAPTIVE_PRICE%22%3A%5B%7B%22value%22%3A%22badge%22%2C%22testId%22%3A%22423093%22%7D%5D%2C%22REACALCULATES_HEIGHT_IF_IFRAME%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22409043%22%7D%5D%2C%22SMART_BANNER_CLIENT_BUNDLE_EXP%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22428734%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22423102%22%7D%5D%2C%22IMAGE_STUB_BACKGROUND_TYPE%22%3A%5B%7B%22value%22%3A%22gradient%22%2C%22testId%22%3A%22417820%22%7D%5D%2C%22RTB_MEDIATESTTAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426801%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22415831%22%7D%5D%2C%22DISABLE_TGO_VIDEO_FOR_OID_EXP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22424221%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22disable%22%2C%22testId%22%3A%22420559%22%7D%2C%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22price%22%2C%22discount%22%2C%22image%22%5D%2C%22testId%22%3A%22426973%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_IF_AD_WAS_SEEN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_TIMEOUT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2244378%22%2C%22testId%22%3A%22429457%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=qY42OXc5EDN%2FRMn626aqFh7Ck0tY8%2BugnCSJNmndHEHLNT6MXRGM3z9s4%2BRqX%2BzkIl3OIYue8PcAFgANWJw964VvDhM%3D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
93.158.134.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
3a1a1b87604308c60580d014db4f9d8983e637e53df2ed0098152cb67ffa1780
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 19:08:49 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1632942529411988-1345667060007987235400361-production-app-host-man-pcode-110
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://newsmaker.md
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 29 Sep 2021 19:08:49 GMT
551e7e2eb83f5d8dd500.js
yastatic.net/partner-code-bundles/44378/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/44378/551e7e2eb83f5d8dd500.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
6b9411a9044e0378b9538572430ddb79bd16138c2830c11397518a552f364c9a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://newsmaker.md/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4464
last-modified
Wed, 29 Sep 2021 06:48:29 GMT
server
nginx/1.17.9
etag
"fe6f0e832e1c97143232cc051fce1b9e"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2051 01:39:59 GMT
154ede08875a0ba9f141.js
yastatic.net/partner-code-bundles/44378/ 		1 MB
219 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/44378/154ede08875a0ba9f141.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
a11d5c3d55e803f4385a4a4f4c948878d1c2afa8f697103a7fa07c9be34d71d4
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://newsmaker.md/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
223847
last-modified
Wed, 29 Sep 2021 06:48:29 GMT
server
nginx/1.17.9
etag
"35b4722f2dcfded712c14061b935e5df"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2051 01:39:59 GMT
0b52bd7024fb2bb274e4.js
yastatic.net/partner-code-bundles/44378/ 		453 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/44378/0b52bd7024fb2bb274e4.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
ffe827c9fdf833202761ebf4c9ab6c94f9074d4ef18a678017e3059ae1491ea6
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://newsmaker.md/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
85255
last-modified
Wed, 29 Sep 2021 06:48:29 GMT
server
nginx/1.17.9
etag
"73a3db603395bd8d300646ce1da2d9d8"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2051 01:39:59 GMT
v2
an.yandex.ru/adfox/239538/getBulk/ 		171 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/239538/getBulk/v2?dl=https%3A%2F%2Fnewsmaker.md%2F&date=2021-09-29T19%3A08%3A49.394%2B00%3A00&pd=29&pdh=1200&pdw=1600&pr1=4179193446&pr=3909110749&prr=&pv=19&pw=3&extid_loader=&extid_tag_loader=newsmaker.md&ylv=0.44378&ybv=0.44378&ytt=190216456636437&is-turbo=0&skip-token=&ad-session-id=6446471632942529159&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A1200%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A6%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=44378&p1=chvyy&p2=y&slotNumber=13&bids=W10%3D&grab=dEPQsNC80YvQtSDQstCw0LbQvdGL0LUg0L3QvtCy0L7RgdGC0Lgg0JzQvtC70LTQvtCy0Ysg0Lgg0LzQuNGA0LAgLSBOZXdzTWFrZXIKMyDQnNC10LbQtNGDINCh0LXRgNCx0LjQtdC5INC4INCa0L7RgdC-0LLQviDQvtCx0L7RgdGC0YDQuNC70YHRjyDQutC-0L3RhNC70LjQutGCLiDQldGB0YLRjCDQu9C4INC-0L_QsNGB0L3QvtGB0YLRjCDQtNC70Y8g0LzQvtC70LTQsNCy0YHQutC40YUg0LzQuNGA0L7RgtCy0L7RgNGG0LXQsj8gCjMg0JIg0JzQvtC70LTQvtCy0LUg0LfQsCDRgdGD0YLQutC4INCy0YvRj9Cy0LjQu9C4INC_0L7Rh9GC0LggMSw2INGC0YvRgS4g0YHQu9GD0YfQsNC10LIg0LrQvtGA0L7QvdCw0LLQuNGA0YPRgdCwLiDQo9C80LXRgCAyMSDQsdC-0LvRjNC90L7QuSBDT1ZJRC0xOSAKMyDQotGD0YDRhtC40Y8g0L_QtdGA0LXQtNCw0LvQsCDQnNC-0LvQtNC-0LLQtSA3MCDRgtGL0YEuINC00L7QtyDQstCw0LrRhtC40L3RiyBTaW5vdmFjIAozINCSINC_0L7Qs9C-0L3QtSDQt9CwINC20LjQt9C90YzRji4g0JjRgdGC0L7RgNC40Y8g0JTQtdC90LjRgdCwIOKAlCDQviDRgNC40YHQutC1LCDQtNGA0LDQudCy0LUg0Lgg0LvRjtCx0LLQuCDQuiDQttC40LfQvdC4IAozINCSINCa0LjRiNC40L3QtdCy0LUg0L_RgNC-0LnQtNC10YIgwqvQndC-0YfRjCDQsdC40LHQu9C40L7RgtC10LrCuyAKMyDQotGP0LbQtdC70L7QsNGC0LvQtdGCINC40Lcg0JzQvtC70LTQvtCy0Ysg0LfQsNCy0L7QtdCy0LDQuyDQtNCy0LUg0LHRgNC-0L3Qt9C-0LLRi9C1INC80LXQtNCw0LvQuCDQvdCwINGH0LXQvNC_0LjQvtC90LDRgtC1INCV0LLRgNC-0L_RiyAKMyDQkiDQoNGD0LzRi9C90LjQuCwg0L3QsCDRhNC-0L3QtSDQstGB0L_Qu9C10YHQutCwINC30LDRgNCw0LbQtdC90LjQuSDQutC-0YDQvtC90LDQstC40YDRg9GB0L7QvCwg0YDQsNGB0YLQtdGCINGH0LjRgdC70L4g0LLQsNC60YbQuNC90LjRgNGD0Y7RidC40YXRgdGPIAozINCY0LPQvtGA0Ywg0JPRgNC-0YHRgyDQstGB0YLRgNC10YLQuNC70YHRjyDRgSDQv9GA0LXQt9C40LTQtdC90YLQvtC8INCT0LXRgNC80LDQvdC40LguINCn0YLQviDQvtC90Lgg0L7QsdGB0YPQtNC40LvQuD8gCjMg0J7Rh9C10YDQtdC00L3QvtC1INC30LDRgdC10LTQsNC90LjQtSDRgdGD0LTQsCDQv9C-INC40YHQutGDINGN0LrRgS3Qs9C70LDQstGLINCh0LvRg9C20LHRiyDQs9C-0YHQvtGF0YDQsNC90Ysg0L_RgNC-0YLQuNCyINCh0LDQvdC00YMg0L_QtdGA0LXQvdC10YHQu9C4LiDQmtC-0LPQtNCwINGB0L7RgdGC0L7QuNGC0YHRjyDRgdC70LXQtNGD0Y7RidC10LU_IAozINCc0LXQttC00YMg0KHQtdGA0LHQuNC10Lkg0Lgg0JrQvtGB0L7QstC-INC-0LHQvtGB0YLRgNC40LvRgdGPINC60L7QvdGE0LvQuNC60YIuINCV0YHRgtGMINC70Lgg0L7Qv9Cw0YHQvdC-0YHRgtGMINC00LvRjyDQvNC-0LvQtNCw0LLRgdC60LjRhSDQvNC40YDQvtGC0LLQvtGA0YbQtdCyPyAKMyDQnNCw0LnRjyDQodCw0L3QtNGDINCy&utf8=%E2%9C%93&pcode-test-ids=428758%2C0%2C33%3B423093%2C0%2C52%3B409043%2C0%2C78%3B428734%2C0%2C66%3B423102%2C0%2C63%3B417820%2C0%2C41%3B426801%2C0%2C26%3B416749%2C0%2C84%3B415831%2C0%2C44%3B424221%2C0%2C24%3B420559%2C0%2C94%3B426973%2C0%2C23%3B429815%2C0%2C78%3B429457%2C0%2C93%3B204307%2C0%2C76&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22426251%22%2C%22testId%22%3A%22429571%22%7D%5D%2C%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%7B%22value%22%3A%5B%22secretmag.ru%22%2C%22passion.ru%22%2C%22rambler.ru%22%2C%22moslenta.ru%22%2C%22lenta.ru%22%2C%22letidor.ru%22%2C%22gazeta.ru%22%2C%22eda.ru%22%2C%22championat.com%22%2C%22motor.ru%22%2C%22afisha.ru%22%2C%22wmj.ru%22%2C%22quto.ru%22%2C%22livejournal.com%22%2C%22ferra.ru%22%5D%2C%22testId%22%3A%22391067%22%7D%5D%2C%22ENCODE_COOKIE%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22424001%22%7D%5D%2C%22ADAPTIVE_NO_RESIZE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426539%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22REMOVE_GRAB_LIMIT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427341%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428379%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%5D%2C%22testId%22%3A%22428394%22%7D%5D%2C%22TEST_EXP_VAS_CONFIG_IN_PCODE%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22428758%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22adaptive0418%22%2C%22adaptive%22%2C%22modernAdaptive%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22grid%22%2C%22160x600%22%2C%22240x400%22%2C%22200x300%22%2C%22300x300%22%2C%22300x250%22%2C%22250x250%22%2C%22728x90%22%2C%221000x120%22%2C%22320x50%22%2C%22320x100%22%2C%22400x240%22%2C%22320x480%22%2C%22480x320%22%2C%22336x280%22%2C%22300x600%22%2C%22300x500%22%2C%22970x250%22%2C%22970x90%22%2C%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%5D%2C%22testId%22%3A%22423093%22%7D%5D%2C%22ADAPTIVE_PRICE%22%3A%5B%7B%22value%22%3A%22badge%22%2C%22testId%22%3A%22423093%22%7D%5D%2C%22REACALCULATES_HEIGHT_IF_IFRAME%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22409043%22%7D%5D%2C%22SMART_BANNER_CLIENT_BUNDLE_EXP%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22428734%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22423102%22%7D%5D%2C%22IMAGE_STUB_BACKGROUND_TYPE%22%3A%5B%7B%22value%22%3A%22gradient%22%2C%22testId%22%3A%22417820%22%7D%5D%2C%22RTB_MEDIATESTTAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22426801%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22415831%22%7D%5D%2C%22DISABLE_TGO_VIDEO_FOR_OID_EXP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22424221%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22disable%22%2C%22testId%22%3A%22420559%22%7D%2C%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22price%22%2C%22discount%22%2C%22image%22%5D%2C%22testId%22%3A%22426973%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_IF_AD_WAS_SEEN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_TIMEOUT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2244378%22%2C%22testId%22%3A%22429457%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=qY42OXc5EDN%2FRMn626aqFh7Ck0tY8%2BugnCSJNmndHEHLNT6MXRGM3z9s4%2BRqX%2BzkIl3OIYue8PcAFgANWJw964VvDhM%3D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
93.158.134.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
4fc0960c5de6d851cc410d201d47deb215919254c72342b3dbc667a26f7a868b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 19:08:49 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1632942529415804-1506775373241734663600334-production-app-host-man-pcode-61
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://newsmaker.md
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 29 Sep 2021 19:08:49 GMT
xgemius.js
gamd.hit.gemius.pl/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gamd.hit.gemius.pl/xgemius.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
128.140.224.227 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GHC /
Resource Hash
f62da9fa67a86fc30d576a01706e20a58fbe41ff7b9ac45671746fb2ac766d39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 10:02:32 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10838
expires
Thu, 30 Sep 2021 07:08:49 GMT
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/masonry.pkgd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
7b6ca722b11ece7b4d120738db3c14b8880487b0646a71812abaa66755033d12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires
Wed, 29 Sep 2021 19:08:49 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=591328718360278&ev=fb_page_view&dl=https%3A%2F%2Fnewsmaker.md%2F&rl=&if=false&ts=1632942529468&sw=1600&sh=1200&at=
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 29 Sep 2021 19:08:49 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
38
etag
W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
696780997e994a91-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 02 Oct 2021 19:08:49 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=82254995&t=pageview&_s=1&dl=https%3A%2F%2Fnewsmaker.md%2F&ul=en-us&de=UTF-8&dt=C%D0%B0%D0%BC%D1%8B%D0%B5%20%D0%B2%D0%B0%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9C%D0%BE%D0%BB%D0%B4%D0%BE%D0%B2%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20-%20NewsMaker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1235048990&gjid=1074951450&cid=29800867.1632942530&tid=UA-20449281-10&_gid=1283154276.1632942530&_r=1&gtm=2wg9r0K7HFJTH&z=1321037941
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsmaker.md/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsmaker.md
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 26EC 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.107.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Wed, 29 Sep 2021 19:23:49 GMT
index.min.js
banners.adfox.ru/210920/adfox/1227610/4631748/ Frame 26EC 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banners.adfox.ru/210920/adfox/1227610/4631748/index.min.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.158.134.158 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
s3.yandex.net
Software
nginx /
Resource Hash
70579c4feeee13f949ae2693e6875d6fc48292cab8dd127f1aed90573d02ba63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
br
last-modified
Mon, 20 Sep 2021 07:15:49 GMT
server
nginx
x-amz-request-id
21e8e9a5bc6b98df
etag
W/"8480759bd1b15ab3eb8c7edd1475d933"
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id
null
access-control-allow-origin
*
content-type
text/javascript
x-nginx-request-id
21e8e9a5bc6b98df
gpt.js
www.googletagservices.com/tag/js/ Frame D67A 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
9ef22b86fa9168ef8f4899809dd89508bb9f3023a0f50b3a66c3fcde6800bf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1000 / 505 of 1000 / last-modified: 1632913824"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25708
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Sep 2021 19:08:49 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame F239 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
4d2f35d749b170352dc0eeb830485b14cfce0fe4e29bf2c1ca17d058a89aa68c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1000 / 390 of 1000 / last-modified: 1632913824"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25164
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Sep 2021 19:08:49 GMT
event
ads.adfox.ru/239538/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=a3d3b17ebef701aa&pm=cyz&p5=kdnse&rand=kkowzee&sj=OiyXs5Ep-b2rx4HEy3ek9mlHbQd7OkqvSZcvtA_1TTZOYgqGhSLi0HuHmL41&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=cczra&rqs=wb1e7PGgRAjBuVRhjUNEuuNn2G9c08XQ&p2=y
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:50 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/239538/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=6fe46cd0a39ef0e2&pm=cyz&p5=kdcvb&rand=eepzkpr&sj=JomfwEDmfKcruQsa8wWHd0SqkcurWGnmuUZGG2qO6fLy812_PDRjpwp81bmdgg%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=ciejl&rqs=wclpZXY5xF3BuVRhp8EOculNYCyn_KVC&p2=y
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:50 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
Trattoria_Vitello_750x250.jpg
rtr.md/wp-content/uploads/2021/09/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtr.md/wp-content/uploads/2021/09/Trattoria_Vitello_750x250.jpg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
86.105.81.36 Briceni, Moldova, ASN8926 (MOLDTELECOM-AS Moldtelecom Autonomous System, MD),
Reverse DNS
www.rtr.md
Software
nginx /
Resource Hash
b9001a4bcf505fe51907d632a4f659b4522598f89531a4530cbeb5a23c8760de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 19:08:46 GMT
Last-Modified
Thu, 16 Sep 2021 11:47:37 GMT
Server
nginx
ETag
"61432ed9-30151"
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Location, Server, range
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, range
Content-Length
196945
Expires
Thu, 31 Dec 2037 23:55:55 GMT
event
ads.adfox.ru/239538/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=e013375a0e87ad46&pm=cyz&p5=keqns&rand=jpwltup&sj=arRzpxyye_Hf6t5ZyOxx-oY_BCiHrKy0Hao6VzVU58WQuxI30AnIyMqaOLqqDg%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=cgisv&rqs=wQFnvdQAPz_BuVRhtQCpQQDPbgO6BBiC&p2=fmoq
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:50 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
Farmacia_Familiei_300x600.png
rtr.md/wp-content/uploads/2021/09/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtr.md/wp-content/uploads/2021/09/Farmacia_Familiei_300x600.png
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
86.105.81.36 Briceni, Moldova, ASN8926 (MOLDTELECOM-AS Moldtelecom Autonomous System, MD),
Reverse DNS
www.rtr.md
Software
nginx /
Resource Hash
79e7f37ed146c8f2ab1acbc97fdafbc0b59b8f818ee4aabc0d564613007d990d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 19:08:46 GMT
Last-Modified
Wed, 29 Sep 2021 06:56:57 GMT
Server
nginx
ETag
"61540e39-21a09"
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Location, Server, range
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, range
Content-Length
137737
Expires
Thu, 31 Dec 2037 23:55:55 GMT
event
ads.adfox.ru/239538/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=8d925128798536d8&pm=bmo&pxo=XFbEb_yTQJXFZczRRxEMPgq4_mZjN2vZu4zhB616DB-SULrn0lsHB6msPLHIYJJL1myrMDk8BSh75UaEaDaUCGeUSJ_tGu5L3aX5DP28YoZgNRwI0vwF385nKIEBaT6D6pyHJt39b0gZ053Nl2astW7eoITsI4qXX3skKDAn4B250d6r&p5=gvoqp&rand=bkoeysm&sj=ZOSXoIjmEMjMtjpMKwZX0UX8XXHpUrkmms7je_3i7SymQh3iFTaEmT5CulP7qg%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=chdfd&rqs=wX1viCBbUG_BuVRh5I2Rpq_lzC4GjPo3&rtb-si=b&p2=fwgw
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:50 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/239538/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=d6c2a794209fef82&pm=bmo&pxo=CWhhHhsqlhI1CtgC6U_eeiZXZrFYPGtQzgaK8kK1TlSoHE6wSGeUV9BnWgTgR4Bg8zJ3EL7PtyKPJwMa06wGdhJgE5H9rn0YdV9GYdkhtYRl-9C8ad9P5OwoJws36qZ44Lc9zju8Ev8lUgYBdZohd4CRKWW0kk0jMTIHSXXP14p6myk8Bg%3D%3D&p5=fxybz&rand=czoqnjy&sj=lTbqm4nyoXWvKcXquQGbUsGdKYC_BW_uGlF2neuQtqwX342z_UiRSkq08MHr4g%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=cczrd&rqs=wfnPPZ--wE7BuVRhk7KhilWEzZAWpF1S&rtb-si=b&p2=y
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:50 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
rules-p-ksD3D2ZUrQnZ_.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-ksD3D2ZUrQnZ_.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-81.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
436d419f765ec356a4a256605e1baa5ce59137cfae9728ac54ee0d60baacfb24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:19:53 GMT
content-encoding
gzip
age
2942
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 13 Jun 2018 11:55:01 GMT
server
AmazonS3
etag
W/"b90ae95bb800b7b2bbb16a60b55e199e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
n4E35x1v18GOfXfNgPdaLknEUqnShe-w3ghIHhA_AfU9qxxjVmBX5g==
modules.e95f6e2deb67f1b24d8e.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1649282.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-121.fra2.r.cloudfront.net
Software
/
Resource Hash
3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 08:27:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
124904
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
59787
access-control-allow-origin
*
last-modified
Tue, 28 Sep 2021 08:26:22 GMT
etag
"4c2c45df8457d0c2a07b3285a23cd7a4"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
lb-uODD-LB-C0IUbmsYbIPIfsz1W8pPkUKArSgg5XBg8ccvCoFx3uQ==
1319186005149532
connect.facebook.net/signals/config/ 		490 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1319186005149532?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
fbdc391b751eceeda6ebd31846e2d647cbcef0b1111524c2b1d07d4d5ff5cbe5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
146760
x-xss-protection
0
pragma
public
x-fb-debug
Yt3Rl7GB7XdYG3TaXAWfbaRVbWv8ORuHYhrnJRXKI26tU+hwhGYVDprXrRYO6fm11OPh8XnTi1wRhYkINyVrnw==
x-frame-options
DENY
date
Wed, 29 Sep 2021 19:08:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/d82ca80e/www-widgetapi.vflset/ 		135 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
410b77cfed895ed4121c51db552980b028e957881909f803f67192c4ad59b315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 13:59:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
18550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Sep 2022 13:59:39 GMT
fpdata.js
gamd.hit.gemius.pl/ 		281 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gamd.hit.gemius.pl/fpdata.js?href=newsmaker.md
Requested by
Host: gamd.hit.gemius.pl
URL: https://gamd.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
128.140.224.227 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GHC /
Resource Hash
567bd1ed0968ba88ca5ad619cf3ab95e119bd451077023f57c2410392c70a8a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:49 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
281
expires
Fri, 29 Oct 2021 19:08:49 GMT
lsget.html
ls.hit.gemius.pl/ Frame C8AF 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gamd.hit.gemius.pl
URL: https://gamd.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
9fe1cb2a8f77e238c7eb49360b28255d6064d41275ffdf948d06f31965427b22

Request headers

:method
GET
:authority
ls.hit.gemius.pl
:scheme
https
:path
/lsget.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsmaker.md/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/

Response headers

date
Wed, 29 Sep 2021 19:08:50 GMT
expires
Fri, 29 Oct 2021 19:08:50 GMT
server
GHC
accept-ranges
none
cache-control
private, max-age=2592000
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
etag
PRIVATE7520710249
vary
Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
2722
content-encoding
gzip
collect
stats.g.doubleclick.net/j/ 		1 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-20449281-10&cid=29800867.1632942530&jid=1235048990&gjid=1074951450&_gid=1283154276.1632942530&_u=YEBAAEAAAAAAAC~&z=1211895939
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsmaker.md/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 29 Sep 2021 19:08:50 GMT
content-type
text/plain
access-control-allow-origin
https://newsmaker.md
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame D0DC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1649282.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-12.fra2.r.cloudfront.net
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsmaker.md/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
EswiSJ-NAYzFDihK5SBU0z1_ztUUUvFvd2Uy5vFf8gJHiWAQHzYcAw==
age
6156225
web
onesignal.com/api/v1/sync/e1ddd2dd-8800-4556-966a-d24527c29730/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/e1ddd2dd-8800-4556-966a-d24527c29730/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
e7482c36aecad8343bec30814ce2b9c26d1c5b484d869741690bf60194acee36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2670
x-powered-by
Phusion Passenger(R)
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
74ab30de-5d7d-4d9b-b0af-fb8cc2974089
x-runtime
0.047465
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"27f7ce6e6f7f0a686f990770b5ce5f4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-polished
origSize=3396
cf-ray
6967809cfe254e3e-FRA
access-control-allow-headers
SDK-Version
expires
Wed, 29 Sep 2021 20:08:50 GMT
pubads_impl_2021092703.js
securepubads.g.doubleclick.net/gpt/ Frame F239 		334 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
25a54ff1cb79229cc4d3eea2fee74b29d539a0432795a1057d98f7b04f1606c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119198
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 20:03:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Sep 2021 19:08:51 GMT
pubads_impl_2021092706.js
securepubads.g.doubleclick.net/gpt/ Frame D67A 		336 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
b104c2739905b36f01c9edfc126f75200dc92eaa8b4e482da4b95edea9ee94d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120406
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 20:07:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Sep 2021 19:08:50 GMT
index_atlas_1.png
banners.adfox.ru/210920/adfox/1227610/4631748/images/ Frame 26EC 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banners.adfox.ru/210920/adfox/1227610/4631748/images/index_atlas_1.png
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.158.134.158 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
s3.yandex.net
Software
nginx /
Resource Hash
3269ee5bb4fdfdebe785668da684cf694fac9189f3624a30c62a582c4070273a

Request headers

Referer
https://newsmaker.md/
Origin
https://newsmaker.md
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:50 GMT
last-modified
Mon, 20 Sep 2021 07:15:48 GMT
server
nginx
x-amz-request-id
ab4467abfaedfb6a
etag
"8b15c958accecd0665a472c33b980aff"
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id
null
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/png
content-length
68286
x-nginx-request-id
b67d6b0663adba9c
pixel;r=883470538;labels=title.%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F;source=gtm;rf=0;a=p-ksD3D2ZUrQnZ_;url=https%3A%2F%2Fnewsmaker.md%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1816802052-16329425...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=883470538;labels=title.%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F;source=gtm;rf=0;a=p-ksD3D2ZUrQnZ_;url=https%3A%2F%2Fnewsmaker.md%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1816802052-1632942530187;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=newsmaker.md;je=0;sr=1600x1200x24;dst=0;et=1632942530186;tzo=0;ogl=locale.ru_RU%2Ctype.website%2Ctitle.%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%2Cdescription.%D0%9D%D0%B5%D0%B7%D0%B0%D0%B2%D0%B8%D1%81%D0%B8%D0%BC%D0%BE%D0%B5%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%B8%D0%B7%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BB%D1%8F%20%D1%82%D0%B5%D1%85%252C%20%D0%BA%D0%BE%D0%BC%D1%83%20%D0%BD%D0%B5%20%D0%B2%D1%81%D0%B5%20%D1%80%D0%B0%D0%B2%D0%BD%D0%BE%252E%20%D0%A0%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D1%8B%D0%B2%D0%B0%D0%B5%D0%BC%252C%20%D1%87%D1%82%D0%BE%20%D0%BF%D1%80%D0%BE%D0%B8%D1%81%D1%85%D0%BE%2Curl.https%3A%2F%2Fnewsmaker%252Emd%2F%2Csite_name.NewsMaker%2Cimage.https%3A%2F%2Fnewsmaker%252Emd%2Fwp-content%2Fuploads%2F2019%2F01%2Flogo_square%252Ejpg%2Cimage%3Awidth.2835%2Cimage%3Aheight.2835
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
fx6zaDuebrs
www.youtube.com/embed/ Frame 5CCE 		57 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
b72374d26b33f90de8cf128ca20e21d07e39b0576937dbcc7accf2f8a9ad8eee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsmaker.md/
accept-encoding
gzip, deflate, br
cookie
YSC=Oe4xgRGBfQk; VISITOR_INFO1_LIVE=WXJ3J_nsCpQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 29 Sep 2021 19:08:50 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+541; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1319186005149532&ev=PageView&dl=https%3A%2F%2Fnewsmaker.md%2F&rl=&if=false&ts=1632942530411&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1632942530409.355181040&it=1632942529916&coo=false&rqm=GET
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 29 Sep 2021 19:08:50 GMT
integrator.js
adservice.google.de/adsid/ Frame D67A 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsmaker.md
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 19:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D67A 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsmaker.md
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 19:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D67A 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1031891814195095&correlator=4317185822146212&output=ldjh&impl=fifs&eid=31062969%2C44749397&vrg=2021092706&ptt=17&sc=1&sfv=1-0-38&ecs=20210929&iu_parts=21857590943%3A22573105418%2CNewsmaker.md%2CNewsmaker_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&cust_params=for_DM2.0%3Dbid_0.12&cookie_enabled=1&cdm=newsmaker.md&bc=31&abxe=1&lmt=1632942530&dt=1632942530478&dlt=1632942529813&idt=626&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=1040&adys=5173&adks=380675921&ucis=7zx01c86imgj&ifi=1&ifk=3067537255&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnewsmaker.md%2F&top=https%3A%2F%2Fnewsmaker.md%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=29800867.1632942530&ga_sid=1632942530&ga_hid=1256240941&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
4035b38e02420ab896d01559915f0fceeb0e42e07cdf4ae96e8684c3ee0b35e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7733
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newsmaker.md
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7D9F 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsmaker.md/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 29 Sep 2021 19:08:50 GMT
expires
Thu, 29 Sep 2022 19:08:50 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rexdot.js
gamd.hit.gemius.pl/__/_1632942530679/
Redirect Chain
  • https://gamd.hit.gemius.pl/_1632942530679/rexdot.js?l=100&id=ndzrEfcX7.nQvebCdkDwDre_.KlkCdh.uD5ake8MBq3.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnewsmaker.m...
  • https://gamd.hit.gemius.pl/__/_1632942530679/rexdot.js?l=100&id=ndzrEfcX7.nQvebCdkDwDre_.KlkCdh.uD5ake8MBq3.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnewsmake...
169 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gamd.hit.gemius.pl/__/_1632942530679/rexdot.js?l=100&id=ndzrEfcX7.nQvebCdkDwDre_.KlkCdh.uD5ake8MBq3.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnewsmaker.md%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=728&lsdata=41InAjeJGKDN5bqoAstR.wPFI49y_m26b.J4QVWF8_H.Q7fNUC6tdkMk9Rg2PGBkCa9qvRBdf29RDrsdrNE8pfbjmix1/p0c2t0_UR.zcL/&fpdata=knzKkXSkdoB8BPPN7ZVURJFqh4NuB56ciCB6eJu48XP.l7&vis=1&fpcap=
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
128.140.224.227 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GHC /
Resource Hash
2006167aa7e1785b4db6adfdc56368527e649e9539f3b0f48f12d953205ff3f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:50 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Tue, 28 Sep 2021 19:08:50 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:50 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1632942530679/rexdot.js?l=100&id=ndzrEfcX7.nQvebCdkDwDre_.KlkCdh.uD5ake8MBq3.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnewsmaker.md%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=728&lsdata=41InAjeJGKDN5bqoAstR.wPFI49y_m26b.J4QVWF8_H.Q7fNUC6tdkMk9Rg2PGBkCa9qvRBdf29RDrsdrNE8pfbjmix1/p0c2t0_UR.zcL/&fpdata=knzKkXSkdoB8BPPN7ZVURJFqh4NuB56ciCB6eJu48XP.l7&vis=1&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Tue, 28 Sep 2021 19:08:50 GMT
www-player-webp.css
www.youtube.com/s/player/d82ca80e/ Frame 5CCE 		330 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
98246f79b1495fa4d547fc6bdff6a3de6cf8064d5cb9e5d877adee9171a7f99d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 04:19:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
53390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46472
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Sep 2022 04:19:00 GMT
www-embed-player.js
www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/ Frame 5CCE 		201 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
045fd4ce57343257588e028026d314db88e7cc03aa84ec98ead1197bafe8c598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 07:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
42896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67318
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Sep 2022 07:13:54 GMT
base.js
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame 5CCE 		2 MB
506 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
8ac79395ad2c8c0efaf5a734544089eab4a8dce163f3b97f86d08921df5faafb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
408670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
518228
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 25 Sep 2022 01:37:40 GMT
fetch-polyfill.js
www.youtube.com/s/player/d82ca80e/fetch-polyfill.vflset/ Frame 5CCE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:40:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
138526
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 28 Sep 2022 04:40:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5CCE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 09:07:47 GMT
x-content-type-options
nosniff
age
122463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 09:07:47 GMT
container.html
fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D04 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsmaker.md/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 29 Sep 2021 19:08:50 GMT
expires
Thu, 29 Sep 2022 19:08:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
ads.adfox.ru/239538/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=1191ac99dd0ef26c&pm=bmu&pxo=XFbEb_yTQJXFZczRRxEMPgq4_mZjN2vZu4zhB616DB-SULrn0lsHB6msPLHIYJJL1myrMDk8BSh75UaEaDaUCGeUSJ_tGu5L3aX5DP28YoZgNRwI0vwF385nKIEBaT6D6pyHJt39b0gZ053Nl2astW7eoITsI4qXX3skKDAn4B250d6r&p5=gvoqp&rand=dpuhqng&sj=ZOSXoIjmEMjMtjpMKwZX0UX8XXHpUrkmms7je_3i7SymQh3iFTaEmT5CulP7qg%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=chdfd&rqs=wX1viCBbUG_BuVRh5I2Rpq_lzC4GjPo3&rtb-si=b&p2=fwgw&resp-time=1081
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:50 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame D67A 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27596
x-xss-protection
0
server
sffe
etag
"1632742284803949"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 29 Sep 2021 19:08:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D67A 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092706&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
22b1837038196904244cb7048a0645bc9a4a01bccd9c8f70b483f5273e18b81d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 19:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8511
x-xss-protection
0
id
googleads.g.doubleclick.net/pagead/ Frame 5CCE 		113 B
961 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
38e8ddccaeb099f2ea2d2b33a74859be758f8ee85069e8b2c2b4261cea0a1c17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 5CCE 		29 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:04:51 GMT
x-content-type-options
nosniff
age
240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Sep 2021 19:19:51 GMT
FFRvrWFw-jzK-sycy0j3GTq6fe8p0rF4OAEr48E9esg.js
www.google.com/js/th/ Frame 5CCE 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/FFRvrWFw-jzK-sycy0j3GTq6fe8p0rF4OAEr48E9esg.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
sffe /
Resource Hash
14546fad6170fa3ccafacc9ccb48f7193aba7def29d2b17838012be3c13d7ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 05:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
50271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13359
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 29 Sep 2022 05:11:00 GMT
embed.js
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame 5CCE 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
5cf2d602e6a7b16bf2a0b1866e945e014d8d08ecb9603a36943b8da90499a96e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:39:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
408555
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7358
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 25 Sep 2022 01:39:36 GMT
truncated
/ Frame 5CCE 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
AKedOLRLBdFv2bbkra9nhQfk9CKW5OSpXIYl13EyP5pn=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5CCE 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLRLBdFv2bbkra9nhQfk9CKW5OSpXIYl13EyP5pn=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
6bbb8b78e3892d99ecab019950a14c5dd6c4fadbf20998e2cd39d27246010614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 15:47:32 GMT
x-content-type-options
nosniff
age
12079
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2245
x-xss-protection
0
server
fife
etag
"v16"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 18 Sep 2021 12:19:47 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/fx6zaDuebrs/ Frame 5CCE 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/fx6zaDuebrs/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f22.1e100.net
Software
sffe /
Resource Hash
23d348a7ee7a86be5fa3c845ed8fd5ac8cd8e157da59c8a475d21e44701beace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:23:02 GMT
x-content-type-options
nosniff
age
6349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111246
x-xss-protection
0
server
sffe
etag
"1627571478"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 29 Sep 2021 19:23:02 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5CCE 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 13:29:54 GMT
x-content-type-options
nosniff
age
20337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9832
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 13:29:54 GMT
/
www.facebook.com/tr/ Frame 3240 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
23464
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://newsmaker.md
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsmaker.md/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://newsmaker.md
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/

Response headers

content-type
text/plain
access-control-allow-origin
https://newsmaker.md
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Wed, 29 Sep 2021 19:08:51 GMT
event
ads.adfox.ru/239538/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=dc0329f2b36c88ef&pm=cza&p5=kdnse&rand=mlpwpmh&sj=OiyXs5Ep-b2rx4HEy3ek9mlHbQd7OkqvSZcvtA_1TTZOYgqGhSLi0HuHmL41&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=cczra&rqs=wb1e7PGgRAjBuVRhjUNEuuNn2G9c08XQ&p2=y
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:51 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/239538/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=3d7997e57cbcbed1&pm=bmp&pxo=XFbEb_yTQJXFZczRRxEMPgq4_mZjN2vZu4zhB616DB-SULrn0lsHB6msPLHIYJJL1myrMDk8BSh75UaEaDaUCGeUSJ_tGu5L3aX5DP28YoZgNRwI0vwF385nKIEBaT6D6pyHJt39b0gZ053Nl2astW7eoITsI4qXX3skKDAn4B250d6r&p5=gvoqp&rand=ddjaiaj&sj=ZOSXoIjmEMjMtjpMKwZX0UX8XXHpUrkmms7je_3i7SymQh3iFTaEmT5CulP7qg%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=chdfd&rqs=wX1viCBbUG_BuVRh5I2Rpq_lzC4GjPo3&rtb-si=b&p2=fwgw
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:52 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/239538/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=9b8973b2c2192486&pm=cza&p5=kdcvb&rand=egceuvl&sj=JomfwEDmfKcruQsa8wWHd0SqkcurWGnmuUZGG2qO6fLy812_PDRjpwp81bmdgg%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=ciejl&rqs=wclpZXY5xF3BuVRhp8EOculNYCyn_KVC&p2=y
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:51 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/239538/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=67a8b6322b3efd5d&pm=bmp&pxo=CWhhHhsqlhI1CtgC6U_eeiZXZrFYPGtQzgaK8kK1TlSoHE6wSGeUV9BnWgTgR4Bg8zJ3EL7PtyKPJwMa06wGdhJgE5H9rn0YdV9GYdkhtYRl-9C8ad9P5OwoJws36qZ44Lc9zju8Ev8lUgYBdZohd4CRKWW0kk0jMTIHSXXP14p6myk8Bg%3D%3D&p5=fxybz&rand=cxmjjjf&sj=lTbqm4nyoXWvKcXquQGbUsGdKYC_BW_uGlF2neuQtqwX342z_UiRSkq08MHr4g%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=cczrd&rqs=wfnPPZ--wE7BuVRhk7KhilWEzZAWpF1S&rtb-si=b&p2=y
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:52 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D67A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 29 Sep 2021 19:08:52 GMT
integrator.js
adservice.google.de/adsid/ Frame F239 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsmaker.md
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 19:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F239 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsmaker.md
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 19:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F239 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2828698393187892&correlator=612134458556907&output=ldjh&impl=fifs&eid=31061422%2C31062966%2C21068030%2C31062346&vrg=2021092703&ptt=17&sc=1&sfv=1-0-38&ecs=20210929&iu_parts=21857590943%3A22573105418%2CNewsmaker.md%2CNewsmaker_7&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&cust_params=for_DM2.0%3Dbid_1.12&cookie=ID%3Dc7d309bb408ac09f-22b7247f83c90056%3AT%3D1632942530%3AS%3DALNI_MYGxjkPessGIl-M_A44Vbg0F0X3HQ&cdm=newsmaker.md&bc=31&abxe=1&lmt=1632942531&dt=1632942531993&dlt=1632942529828&idt=2128&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=241&adys=6720&adks=2779372055&ucis=nkvaaa5u0yy&ifi=1&ifk=1819798773&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnewsmaker.md%2F&top=https%3A%2F%2Fnewsmaker.md%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=29800867.1632942530&ga_sid=1632942532&ga_hid=1863560789&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
0e443cbed74683ae4ae15fd3dd0a4410e4edf1649d9a8c4882cb907734f8c36a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10046
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newsmaker.md
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 957C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsmaker.md/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 29 Sep 2021 19:08:52 GMT
expires
Thu, 29 Sep 2022 19:08:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
plyr.svg
cdn.plyr.io/2.0.13/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/2.0.13/plyr.svg
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/wp-content/themes/evonews/includes/assets/js/plugins/masonry.pkgd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.9.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c84ea903b1833a97bb0e508404cded491e4f2c2b7042d193137cc25fcbce4297

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:52 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5920406
x-cache
HIT, HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
NW3BB89GCDP9P05Q
x-amz-id-2
lIRM3UMLoa0j7xoO0UMXlj/Hvrfqndh3OG9DLAWM2z3rags8pN+1jy4VL9XaiHQQ7yyKsACZLUM=
x-served-by
cache-dca17743-DCA, cache-fra19139-FRA
last-modified
Tue, 16 May 2017 00:14:27 GMT
server
cloudflare
x-timer
S1627022126.308139,VS0,VE1
etag
W/"2e424027329f13b2cf82d00129c5e193"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bLlo0itkDAsq8%2F5vDn4xHbv83rmU9CKh0bf6NWkHQCYLaNfsYnxV%2FUDgwkMcuNLJC908wkptZdXJXRm2wY3Ws1HbRpkvpppT0pKC38XikyWeI1Ing6NVo5GMn%2BqLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000
cf-ray
696780a95c2f4345-FRA
x-cache-hits
1, 1
pixel
googleads.g.doubleclick.net/xbbe/ Frame 21C3 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiUrLazATAB&v=APEucNU4TMMV20LWzSLsURywvcExr86AueF4JI4hJEcBnzoHphALS-3x6cNgNTh1ExFHx1HHA4-gbKtnRNI98esQb_J0XxeLetwoy-NasB5T0kCD3HR-GuxGcCPabQrCTcVJpSj9VYenzlbsv2kH2jn2SWpHZa4lr0lNLN3CNfKzPPkW9s9WwLTc4pY2Qx23DNMSAkxdCyzarBJQh64JPpDUa5s9-eynLg
Requested by
Host: fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
URL: https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLOokgEQ4p3QAhiUrLazATAB&v=APEucNU4TMMV20LWzSLsURywvcExr86AueF4JI4hJEcBnzoHphALS-3x6cNgNTh1ExFHx1HHA4-gbKtnRNI98esQb_J0XxeLetwoy-NasB5T0kCD3HR-GuxGcCPabQrCTcVJpSj9VYenzlbsv2kH2jn2SWpHZa4lr0lNLN3CNfKzPPkW9s9WwLTc4pY2Qx23DNMSAkxdCyzarBJQh64JPpDUa5s9-eynLg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmkaaKgLi9bpLfAtPrYE0pVSaYPPykBcQlu0QC28CbXiSPy2X9mgtWOJky0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 29 Sep 2021 19:08:52 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 3D04 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgQ36XxBPSm-ljT62Sdxd__aAvzC2EepekpHfkKIxCwXAKXjy51yIJp6lMi9IVCv4DoDXtOHX4g3o2mRtxGOjyxXS6LO9I7egpoPQRBfJ3jDpXs_R95nYirjT9k1Ul2h8Z8owSA3G-L-LJXtgYuYKgKeuyeA&dbm_d=AKAmf-BfvDa05IHjTwEMBrSR7cfvfNYefpuUT7NU-RrtcJ7CoCfFlTFWXFo_voZJUtOqUMhfS-kEfdscNogAs-NwqaY9I22_Pp00t5xjqwEpL_aZ5O-kx8Hh1h89yXOb4VCfKzmIHCIJgPnJ44Erh0og5fixBE-FzhRqAjyUpGf-5Ehnt8q1JKgJZwjq8AHjv60TKaH3116SdRdpaa-r9sXgfpMuUiu7Bfn7h8dSSud6b8VVS6HbTQQHf13800RAf4PuEPiVX45kKxFRKlw-iGWY7aOHpiuWin6iAq4Q2s_p290IMWvtGtWU8yz5oReakEC4-YpTbUhtsOehFhbOmE-T7ywvqI4XZkSnMpM_Vn9M8HeikXwgqAO1IQOjnuI-oZZBAX_2lwPlpYdBCJRRhrn0XB0uhTemHBnQmDZXb72kR4f2TNpjAEL4SQYJbRbjhVduUYKQKC3DKVeGShR7PjkZGB0cvpB4Nexuvy4IG-0ztk4C0cdEn64g3AwPoHGJ3vxE-s_xGgJgn0mS9-QnbXiq3660gVkuIg7mSary2rBdDojzHwd771l8-nVsC4VwBK_S_yW4sUBH53bxg1uIxgLANcuFHekH9d_1pP3tbh_zIMopKN9LgbMh5vagRkwzIVcuV46tAW1C-kRklph46h-o7eqWqpMRPcnaq73nST5jtwLm13cdOg2caEllqSUek3F9sGJgsHixzPlDnPbaxflTgxmViJG9OhiFirviL6qfHxbkXfHv1n_O_6h8TfsXV_upjcKyBJHkDzXX1s1cHz2dkLgOQKVY7Rq08m8G9PIlyHdFJp1kf6denIDeM7oPyFwtXFrr38BS6cwanOO2cZlUAKBl3FEw9QvDmn9RhNASQP8vmehefAq-hcPDNtw8VeB2aCXYLkiJuUDkksCLqPoQar-MLlsTLldb9mRfa9rcDFm_LV_BWATc0RrhlJQKR_6amBv2nrhEagKyMpAzqKKsRrFXtXoLE4zhVNEVOcoOaKGDLRGjidtSk5lv2FK_TXOVAGOZN6EBVj-6kKf_7qrKlKod4TLjkiEVAJimuwx92cA_tu_9PIWSiUGF45XesU5RXanxQFA3_FbnoTwxsIyQabY2EC_2KGJXtyxoski4SXCRmBlbjYUyTxAIFubWa0Kci62VOdgQIWqIFq9nYNrsIjfU2deWXn8VYuk4lqnsUKIeic4vC_ole6ytIUWb0qJh3y9pySGZS_e-7RipFAovOTYyqC2JzzY4x3vRAJ4Udyb8hUhev7vV3fdljULGU-q6t1WSfbDHdysZnP45wkAWSMtW0S2btyjAyx2qWtxqQGXQqeUrdWRrbeNLxjqBT9scatkbgDKBTBrEAcCgWP1Mk8mqo4HVuAOzRvYfqCsPxoPgLsXl9FgBrCcOaEBGxWzpY2dyf_PuAJzrol6xu9y4hCcxrMMNL3ZQIpEMTzfGDRMLk2OYYc_QXb3VNKZkQ1bgquaFJNdE3aa4q6aoBGblo5PqPdpA7vuLn5SLt7LDz-8K8oaIthYZ9BwclDklF41dQD9AC8hzX-lzCGRWmDsK0oOBQxm1AP64SodT3CPeydL8A-Ute2KesQcEaUsfW49DFdNMJYQIA5tJJR6cbF9dODvpuexCkfqiyb2DI2NnPWtuGkXxWW6sr3zgUDIHJDNpAFyy5pQvvMl9aIfpP7sZ0612VjKjN9zLn7gFSfgvC2Bb5CHCcevn3a4_TTMDeCRCxJrDCvHMDlG3Dqsk1DcYaZBsalqHkqWxUR20_mgg3MmPBEM19Drn0fJ_yUXOEjQ4sQGnN0pJPFmDUUkY-3CLPEz7Jm2DnqvSqpyd3DlQQvHwROcbNDIRn_jvi8K92UeBw-K-8jQxsgMXpElqDgp6KHC2n9xuGZSpLaFNq1K_FLgbmRKE6jhXzxkWR2xldXu6JxUwTNPAhO6VsqRkYrmKwaSMn6DMVRfQkVKhXRK-ArNV2Cd9tuMnBwVZw3VMZOfOzzNk3LOXlqORLpfI79aFtvdYv3oTYRafYzylkeQ4xcfAXGqXwi3bKRmwmBhxXYLEy4RQWkc4KXadZPeZGakZSEMJ97Pm-WEbPAuzhCiDptZdVQV6nw7eM3wgPFi_CaER2GoYsmu8C9_0XJmgBxCHuoLZMzghdx7Y-fnQDjWoFnnTVzHswSL5CzGbMmGIJnRa3lVabICSMlTbrnLIdoHW1ntRIVCKUjhE3PtOwKr8HyKtOZKIS5DBdqg1c0ZyxKrO3VdG-ZEdZ6PmhkoUXHxj1eCezcWNmH1qgvN464aQWPAbHKvqdKUP_W1p6zfiZHNhrFmRHLKQf_rq5PSox8UPtmSJuB2S9bIPZU7ARSViqwkmTGdoY6-h1cPLXehFYzDRyn6NN6Cpzj6b0owy0LzXuKqQqb9AMe_gSKrdVvPkBDRor1X4ypHdUtP40Z7HfpE6GRfl82XKUJD0ojJ5fYUEHI2d9VDXIql5KqOcuVS3T5sdllnUpzLbIvZKu9-ULsuh6EhuNpLDHdMuw5M_mfKckYsW55A5gAEIlgeb0iMwJk-b3iKxhUh9A_9je8b6w4ymosjM2Zm_-tYtJjPk_6edo3erIHMvEVAtkge0hxAX7mSrcUSNUr5Tsb3pfdmZWApBJYHMtREVtmbLu_rsEFUYKdiyl0iTfv6QD-aUR5XQxqcCUM0IENAI1SiHcjo1KwFUCCyrOL_FznYn7mcA3NFdhlHF52nuTm4SWj2e6udYDzJoxQ6JKlQcJoMFDT_fC7voCXKjO2SQZ__wfIXjMYkWajeqxAgTN9Bw8U1oHo-ZCobTAxqpNcuWbcWqMWtbLJCmzROx64eA4SKZskKhaYaREOcaqiFltVlO5rzdikzPs2N2XhLUlGTShYWHq1vDjBdDK5xHtSz3HpUpOQv01w7D7GVboaX31PcMrFEd918PESCIibyD3zNVM40_6-KZwLLCZypuMRmL3y5k3o67EMtGsEoL_HwFgPIXHnRREd1tNNDi8ZY68AFUh4kgZetEUWfoFt2MEyKC7F8oESz2BfAIA4MU21nz38EfHA8YmV-ytApvIQlJjb86uIUXLelOdzx1ZLBgQWLLtIIfiNvYir-LOFzIRIzttY-bEWfjSLeW4hd7Yz6JdzD0kwh4qUd9SQDMfwehGHRO6JsSPhahMhEsMEdArEzaJ9tOCJd6IFsB9xPUnkvXoXQfedXwBKV0ZBd8oDoOi9SLgeXgxLO18_iKJxAuejzPnw1My3UhYbTCpuDX2b4CWQCXg_G7EbOJcCNcbY8hB0OOUz3DxQQZ_IjE70zR31iPRetX6QZZ6qql_1i4r-vZ_nVB_27jvHXxCxbbEFyMjbE9CNzfZFEWawVNXK64phYKWpUyKTq9yR19AtDbMk9YXquhfXJDgERPm4DGwK2AWP3Jsa85OY23zBOTmF6iw0MeWyHjPlZ8tm1vBv-ficV55QkjfpjDCNj80BcxYTtyHMzGcIHnzmkQQ06FzbOI2fk3MvTj2bHDbEye4PG4UAWAHfRyf62zCvrBRwV1-4rbEQLzBB6Bhv9ZMpWA1y1Dl683cA&cid=CAASFeRoDfgkO_BOg_7z6-woWifExZeQbg&rfl=2%2Chttps%253A%252F%252Fnewsmaker.md%242%2Chttps%253A%252F%252Fnewsmaker.md%252F%240
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
3edac2567257ca98f0c25dc183e0ce0d7bd76a160fa287bd398ca41aff203cef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28968
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D04 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A22Su8V0tI9mnMMCeNKlp1tMoEBZLkPBg-Jim7ZD9RpbnsDTOPDI30aWbDKFav0secnliWKEFhRhDtmKT0hK0Ar4uzJD9PkUpOIvcQ-x9pPP6F-uo
Requested by
Host: fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
URL: https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 3D04 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js
Requested by
Host: fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
URL: https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 19:00:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D04 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
URL: https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
server
sffe
etag
"1632742272549041"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 29 Sep 2021 19:08:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 3D04 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
URL: https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 19:07:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D85E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsmaker.md/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 29 Sep 2021 18:58:33 GMT
expires
Thu, 29 Sep 2022 18:58:33 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
619
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7021 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
61e9b3c9b2a78e28f87a5ee4928bebbf8f278661c548bc566fc0c660f5c62561
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-d2uJTRRRpgHjEFH1n6tgqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsmaker.md/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 29 Sep 2021 19:08:52 GMT
date
Wed, 29 Sep 2021 19:08:52 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-d2uJTRRRpgHjEFH1n6tgqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 3D04 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f6.1e100.net
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
Origin
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 10:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32357
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Sep 2021 10:09:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210927/r20110914/elements/html/ Frame 3D04 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210927/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgQ36XxBPSm-ljT62Sdxd__aAvzC2EepekpHfkKIxCwXAKXjy51yIJp6lMi9IVCv4DoDXtOHX4g3o2mRtxGOjyxXS6LO9I7egpoPQRBfJ3jDpXs_R95nYirjT9k1Ul2h8Z8owSA3G-L-LJXtgYuYKgKeuyeA&dbm_d=AKAmf-BfvDa05IHjTwEMBrSR7cfvfNYefpuUT7NU-RrtcJ7CoCfFlTFWXFo_voZJUtOqUMhfS-kEfdscNogAs-NwqaY9I22_Pp00t5xjqwEpL_aZ5O-kx8Hh1h89yXOb4VCfKzmIHCIJgPnJ44Erh0og5fixBE-FzhRqAjyUpGf-5Ehnt8q1JKgJZwjq8AHjv60TKaH3116SdRdpaa-r9sXgfpMuUiu7Bfn7h8dSSud6b8VVS6HbTQQHf13800RAf4PuEPiVX45kKxFRKlw-iGWY7aOHpiuWin6iAq4Q2s_p290IMWvtGtWU8yz5oReakEC4-YpTbUhtsOehFhbOmE-T7ywvqI4XZkSnMpM_Vn9M8HeikXwgqAO1IQOjnuI-oZZBAX_2lwPlpYdBCJRRhrn0XB0uhTemHBnQmDZXb72kR4f2TNpjAEL4SQYJbRbjhVduUYKQKC3DKVeGShR7PjkZGB0cvpB4Nexuvy4IG-0ztk4C0cdEn64g3AwPoHGJ3vxE-s_xGgJgn0mS9-QnbXiq3660gVkuIg7mSary2rBdDojzHwd771l8-nVsC4VwBK_S_yW4sUBH53bxg1uIxgLANcuFHekH9d_1pP3tbh_zIMopKN9LgbMh5vagRkwzIVcuV46tAW1C-kRklph46h-o7eqWqpMRPcnaq73nST5jtwLm13cdOg2caEllqSUek3F9sGJgsHixzPlDnPbaxflTgxmViJG9OhiFirviL6qfHxbkXfHv1n_O_6h8TfsXV_upjcKyBJHkDzXX1s1cHz2dkLgOQKVY7Rq08m8G9PIlyHdFJp1kf6denIDeM7oPyFwtXFrr38BS6cwanOO2cZlUAKBl3FEw9QvDmn9RhNASQP8vmehefAq-hcPDNtw8VeB2aCXYLkiJuUDkksCLqPoQar-MLlsTLldb9mRfa9rcDFm_LV_BWATc0RrhlJQKR_6amBv2nrhEagKyMpAzqKKsRrFXtXoLE4zhVNEVOcoOaKGDLRGjidtSk5lv2FK_TXOVAGOZN6EBVj-6kKf_7qrKlKod4TLjkiEVAJimuwx92cA_tu_9PIWSiUGF45XesU5RXanxQFA3_FbnoTwxsIyQabY2EC_2KGJXtyxoski4SXCRmBlbjYUyTxAIFubWa0Kci62VOdgQIWqIFq9nYNrsIjfU2deWXn8VYuk4lqnsUKIeic4vC_ole6ytIUWb0qJh3y9pySGZS_e-7RipFAovOTYyqC2JzzY4x3vRAJ4Udyb8hUhev7vV3fdljULGU-q6t1WSfbDHdysZnP45wkAWSMtW0S2btyjAyx2qWtxqQGXQqeUrdWRrbeNLxjqBT9scatkbgDKBTBrEAcCgWP1Mk8mqo4HVuAOzRvYfqCsPxoPgLsXl9FgBrCcOaEBGxWzpY2dyf_PuAJzrol6xu9y4hCcxrMMNL3ZQIpEMTzfGDRMLk2OYYc_QXb3VNKZkQ1bgquaFJNdE3aa4q6aoBGblo5PqPdpA7vuLn5SLt7LDz-8K8oaIthYZ9BwclDklF41dQD9AC8hzX-lzCGRWmDsK0oOBQxm1AP64SodT3CPeydL8A-Ute2KesQcEaUsfW49DFdNMJYQIA5tJJR6cbF9dODvpuexCkfqiyb2DI2NnPWtuGkXxWW6sr3zgUDIHJDNpAFyy5pQvvMl9aIfpP7sZ0612VjKjN9zLn7gFSfgvC2Bb5CHCcevn3a4_TTMDeCRCxJrDCvHMDlG3Dqsk1DcYaZBsalqHkqWxUR20_mgg3MmPBEM19Drn0fJ_yUXOEjQ4sQGnN0pJPFmDUUkY-3CLPEz7Jm2DnqvSqpyd3DlQQvHwROcbNDIRn_jvi8K92UeBw-K-8jQxsgMXpElqDgp6KHC2n9xuGZSpLaFNq1K_FLgbmRKE6jhXzxkWR2xldXu6JxUwTNPAhO6VsqRkYrmKwaSMn6DMVRfQkVKhXRK-ArNV2Cd9tuMnBwVZw3VMZOfOzzNk3LOXlqORLpfI79aFtvdYv3oTYRafYzylkeQ4xcfAXGqXwi3bKRmwmBhxXYLEy4RQWkc4KXadZPeZGakZSEMJ97Pm-WEbPAuzhCiDptZdVQV6nw7eM3wgPFi_CaER2GoYsmu8C9_0XJmgBxCHuoLZMzghdx7Y-fnQDjWoFnnTVzHswSL5CzGbMmGIJnRa3lVabICSMlTbrnLIdoHW1ntRIVCKUjhE3PtOwKr8HyKtOZKIS5DBdqg1c0ZyxKrO3VdG-ZEdZ6PmhkoUXHxj1eCezcWNmH1qgvN464aQWPAbHKvqdKUP_W1p6zfiZHNhrFmRHLKQf_rq5PSox8UPtmSJuB2S9bIPZU7ARSViqwkmTGdoY6-h1cPLXehFYzDRyn6NN6Cpzj6b0owy0LzXuKqQqb9AMe_gSKrdVvPkBDRor1X4ypHdUtP40Z7HfpE6GRfl82XKUJD0ojJ5fYUEHI2d9VDXIql5KqOcuVS3T5sdllnUpzLbIvZKu9-ULsuh6EhuNpLDHdMuw5M_mfKckYsW55A5gAEIlgeb0iMwJk-b3iKxhUh9A_9je8b6w4ymosjM2Zm_-tYtJjPk_6edo3erIHMvEVAtkge0hxAX7mSrcUSNUr5Tsb3pfdmZWApBJYHMtREVtmbLu_rsEFUYKdiyl0iTfv6QD-aUR5XQxqcCUM0IENAI1SiHcjo1KwFUCCyrOL_FznYn7mcA3NFdhlHF52nuTm4SWj2e6udYDzJoxQ6JKlQcJoMFDT_fC7voCXKjO2SQZ__wfIXjMYkWajeqxAgTN9Bw8U1oHo-ZCobTAxqpNcuWbcWqMWtbLJCmzROx64eA4SKZskKhaYaREOcaqiFltVlO5rzdikzPs2N2XhLUlGTShYWHq1vDjBdDK5xHtSz3HpUpOQv01w7D7GVboaX31PcMrFEd918PESCIibyD3zNVM40_6-KZwLLCZypuMRmL3y5k3o67EMtGsEoL_HwFgPIXHnRREd1tNNDi8ZY68AFUh4kgZetEUWfoFt2MEyKC7F8oESz2BfAIA4MU21nz38EfHA8YmV-ytApvIQlJjb86uIUXLelOdzx1ZLBgQWLLtIIfiNvYir-LOFzIRIzttY-bEWfjSLeW4hd7Yz6JdzD0kwh4qUd9SQDMfwehGHRO6JsSPhahMhEsMEdArEzaJ9tOCJd6IFsB9xPUnkvXoXQfedXwBKV0ZBd8oDoOi9SLgeXgxLO18_iKJxAuejzPnw1My3UhYbTCpuDX2b4CWQCXg_G7EbOJcCNcbY8hB0OOUz3DxQQZ_IjE70zR31iPRetX6QZZ6qql_1i4r-vZ_nVB_27jvHXxCxbbEFyMjbE9CNzfZFEWawVNXK64phYKWpUyKTq9yR19AtDbMk9YXquhfXJDgERPm4DGwK2AWP3Jsa85OY23zBOTmF6iw0MeWyHjPlZ8tm1vBv-ficV55QkjfpjDCNj80BcxYTtyHMzGcIHnzmkQQ06FzbOI2fk3MvTj2bHDbEye4PG4UAWAHfRyf62zCvrBRwV1-4rbEQLzBB6Bhv9ZMpWA1y1Dl683cA&cid=CAASFeRoDfgkO_BOg_7z6-woWifExZeQbg&rfl=2%2Chttps%253A%252F%252Fnewsmaker.md%242%2Chttps%253A%252F%252Fnewsmaker.md%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3143
x-xss-protection
0
server
cafe
etag
2416364338287085106
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 19:07:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame 3D04 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgQ36XxBPSm-ljT62Sdxd__aAvzC2EepekpHfkKIxCwXAKXjy51yIJp6lMi9IVCv4DoDXtOHX4g3o2mRtxGOjyxXS6LO9I7egpoPQRBfJ3jDpXs_R95nYirjT9k1Ul2h8Z8owSA3G-L-LJXtgYuYKgKeuyeA&dbm_d=AKAmf-BfvDa05IHjTwEMBrSR7cfvfNYefpuUT7NU-RrtcJ7CoCfFlTFWXFo_voZJUtOqUMhfS-kEfdscNogAs-NwqaY9I22_Pp00t5xjqwEpL_aZ5O-kx8Hh1h89yXOb4VCfKzmIHCIJgPnJ44Erh0og5fixBE-FzhRqAjyUpGf-5Ehnt8q1JKgJZwjq8AHjv60TKaH3116SdRdpaa-r9sXgfpMuUiu7Bfn7h8dSSud6b8VVS6HbTQQHf13800RAf4PuEPiVX45kKxFRKlw-iGWY7aOHpiuWin6iAq4Q2s_p290IMWvtGtWU8yz5oReakEC4-YpTbUhtsOehFhbOmE-T7ywvqI4XZkSnMpM_Vn9M8HeikXwgqAO1IQOjnuI-oZZBAX_2lwPlpYdBCJRRhrn0XB0uhTemHBnQmDZXb72kR4f2TNpjAEL4SQYJbRbjhVduUYKQKC3DKVeGShR7PjkZGB0cvpB4Nexuvy4IG-0ztk4C0cdEn64g3AwPoHGJ3vxE-s_xGgJgn0mS9-QnbXiq3660gVkuIg7mSary2rBdDojzHwd771l8-nVsC4VwBK_S_yW4sUBH53bxg1uIxgLANcuFHekH9d_1pP3tbh_zIMopKN9LgbMh5vagRkwzIVcuV46tAW1C-kRklph46h-o7eqWqpMRPcnaq73nST5jtwLm13cdOg2caEllqSUek3F9sGJgsHixzPlDnPbaxflTgxmViJG9OhiFirviL6qfHxbkXfHv1n_O_6h8TfsXV_upjcKyBJHkDzXX1s1cHz2dkLgOQKVY7Rq08m8G9PIlyHdFJp1kf6denIDeM7oPyFwtXFrr38BS6cwanOO2cZlUAKBl3FEw9QvDmn9RhNASQP8vmehefAq-hcPDNtw8VeB2aCXYLkiJuUDkksCLqPoQar-MLlsTLldb9mRfa9rcDFm_LV_BWATc0RrhlJQKR_6amBv2nrhEagKyMpAzqKKsRrFXtXoLE4zhVNEVOcoOaKGDLRGjidtSk5lv2FK_TXOVAGOZN6EBVj-6kKf_7qrKlKod4TLjkiEVAJimuwx92cA_tu_9PIWSiUGF45XesU5RXanxQFA3_FbnoTwxsIyQabY2EC_2KGJXtyxoski4SXCRmBlbjYUyTxAIFubWa0Kci62VOdgQIWqIFq9nYNrsIjfU2deWXn8VYuk4lqnsUKIeic4vC_ole6ytIUWb0qJh3y9pySGZS_e-7RipFAovOTYyqC2JzzY4x3vRAJ4Udyb8hUhev7vV3fdljULGU-q6t1WSfbDHdysZnP45wkAWSMtW0S2btyjAyx2qWtxqQGXQqeUrdWRrbeNLxjqBT9scatkbgDKBTBrEAcCgWP1Mk8mqo4HVuAOzRvYfqCsPxoPgLsXl9FgBrCcOaEBGxWzpY2dyf_PuAJzrol6xu9y4hCcxrMMNL3ZQIpEMTzfGDRMLk2OYYc_QXb3VNKZkQ1bgquaFJNdE3aa4q6aoBGblo5PqPdpA7vuLn5SLt7LDz-8K8oaIthYZ9BwclDklF41dQD9AC8hzX-lzCGRWmDsK0oOBQxm1AP64SodT3CPeydL8A-Ute2KesQcEaUsfW49DFdNMJYQIA5tJJR6cbF9dODvpuexCkfqiyb2DI2NnPWtuGkXxWW6sr3zgUDIHJDNpAFyy5pQvvMl9aIfpP7sZ0612VjKjN9zLn7gFSfgvC2Bb5CHCcevn3a4_TTMDeCRCxJrDCvHMDlG3Dqsk1DcYaZBsalqHkqWxUR20_mgg3MmPBEM19Drn0fJ_yUXOEjQ4sQGnN0pJPFmDUUkY-3CLPEz7Jm2DnqvSqpyd3DlQQvHwROcbNDIRn_jvi8K92UeBw-K-8jQxsgMXpElqDgp6KHC2n9xuGZSpLaFNq1K_FLgbmRKE6jhXzxkWR2xldXu6JxUwTNPAhO6VsqRkYrmKwaSMn6DMVRfQkVKhXRK-ArNV2Cd9tuMnBwVZw3VMZOfOzzNk3LOXlqORLpfI79aFtvdYv3oTYRafYzylkeQ4xcfAXGqXwi3bKRmwmBhxXYLEy4RQWkc4KXadZPeZGakZSEMJ97Pm-WEbPAuzhCiDptZdVQV6nw7eM3wgPFi_CaER2GoYsmu8C9_0XJmgBxCHuoLZMzghdx7Y-fnQDjWoFnnTVzHswSL5CzGbMmGIJnRa3lVabICSMlTbrnLIdoHW1ntRIVCKUjhE3PtOwKr8HyKtOZKIS5DBdqg1c0ZyxKrO3VdG-ZEdZ6PmhkoUXHxj1eCezcWNmH1qgvN464aQWPAbHKvqdKUP_W1p6zfiZHNhrFmRHLKQf_rq5PSox8UPtmSJuB2S9bIPZU7ARSViqwkmTGdoY6-h1cPLXehFYzDRyn6NN6Cpzj6b0owy0LzXuKqQqb9AMe_gSKrdVvPkBDRor1X4ypHdUtP40Z7HfpE6GRfl82XKUJD0ojJ5fYUEHI2d9VDXIql5KqOcuVS3T5sdllnUpzLbIvZKu9-ULsuh6EhuNpLDHdMuw5M_mfKckYsW55A5gAEIlgeb0iMwJk-b3iKxhUh9A_9je8b6w4ymosjM2Zm_-tYtJjPk_6edo3erIHMvEVAtkge0hxAX7mSrcUSNUr5Tsb3pfdmZWApBJYHMtREVtmbLu_rsEFUYKdiyl0iTfv6QD-aUR5XQxqcCUM0IENAI1SiHcjo1KwFUCCyrOL_FznYn7mcA3NFdhlHF52nuTm4SWj2e6udYDzJoxQ6JKlQcJoMFDT_fC7voCXKjO2SQZ__wfIXjMYkWajeqxAgTN9Bw8U1oHo-ZCobTAxqpNcuWbcWqMWtbLJCmzROx64eA4SKZskKhaYaREOcaqiFltVlO5rzdikzPs2N2XhLUlGTShYWHq1vDjBdDK5xHtSz3HpUpOQv01w7D7GVboaX31PcMrFEd918PESCIibyD3zNVM40_6-KZwLLCZypuMRmL3y5k3o67EMtGsEoL_HwFgPIXHnRREd1tNNDi8ZY68AFUh4kgZetEUWfoFt2MEyKC7F8oESz2BfAIA4MU21nz38EfHA8YmV-ytApvIQlJjb86uIUXLelOdzx1ZLBgQWLLtIIfiNvYir-LOFzIRIzttY-bEWfjSLeW4hd7Yz6JdzD0kwh4qUd9SQDMfwehGHRO6JsSPhahMhEsMEdArEzaJ9tOCJd6IFsB9xPUnkvXoXQfedXwBKV0ZBd8oDoOi9SLgeXgxLO18_iKJxAuejzPnw1My3UhYbTCpuDX2b4CWQCXg_G7EbOJcCNcbY8hB0OOUz3DxQQZ_IjE70zR31iPRetX6QZZ6qql_1i4r-vZ_nVB_27jvHXxCxbbEFyMjbE9CNzfZFEWawVNXK64phYKWpUyKTq9yR19AtDbMk9YXquhfXJDgERPm4DGwK2AWP3Jsa85OY23zBOTmF6iw0MeWyHjPlZ8tm1vBv-ficV55QkjfpjDCNj80BcxYTtyHMzGcIHnzmkQQ06FzbOI2fk3MvTj2bHDbEye4PG4UAWAHfRyf62zCvrBRwV1-4rbEQLzBB6Bhv9ZMpWA1y1Dl683cA&cid=CAASFeRoDfgkO_BOg_7z6-woWifExZeQbg&rfl=2%2Chttps%253A%252F%252Fnewsmaker.md%242%2Chttps%253A%252F%252Fnewsmaker.md%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
7cc64ec2f55ae9d24be2ca2bd4f933dcf99c9be0ae35871489cf235d5cee6af0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9205
x-xss-protection
0
server
cafe
etag
2170525750406684717
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 19:05:53 GMT
generate_204
www.youtube.com/ Frame 5CCE 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?eKmnKA
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C448 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsmaker.md/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 29 Sep 2021 19:08:52 GMT
expires
Thu, 29 Sep 2022 19:08:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
ads.adfox.ru/239538/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=57b7120c4f1b213a&pm=bmu&pxo=CWhhHhsqlhI1CtgC6U_eeiZXZrFYPGtQzgaK8kK1TlSoHE6wSGeUV9BnWgTgR4Bg8zJ3EL7PtyKPJwMa06wGdhJgE5H9rn0YdV9GYdkhtYRl-9C8ad9P5OwoJws36qZ44Lc9zju8Ev8lUgYBdZohd4CRKWW0kk0jMTIHSXXP14p6myk8Bg%3D%3D&p5=fxybz&rand=hpaswps&sj=lTbqm4nyoXWvKcXquQGbUsGdKYC_BW_uGlF2neuQtqwX342z_UiRSkq08MHr4g%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=cczrd&rqs=wfnPPZ--wE7BuVRhk7KhilWEzZAWpF1S&rtb-si=b&p2=y&resp-time=2777
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:52 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame F239 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27596
x-xss-protection
0
server
sffe
etag
"1632742284803949"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 29 Sep 2021 19:08:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F239 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092703&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
94ada3ea372a16129ed94f52fd7b276c55161b725a9b8c49cc3f689fe85e05f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 19:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8522
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 21C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnclswFJDhDHYPAUvUk6J0&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnclswFJDhDHYPAUvUk6J0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiUrLazATAB&v=APEucNU4TMMV20LWzSLsURywvcExr86AueF4JI4hJEcBnzoHphALS-3x6cNgNTh1ExFHx1HHA4-gbKtnRNI98esQb_J0XxeLetwoy-NasB5T0kCD3HR-GuxGcCPabQrCTcVJpSj9VYenzlbsv2kH2jn2SWpHZa4lr0lNLN3CNfKzPPkW9s9WwLTc4pY2Qx23DNMSAkxdCyzarBJQh64JPpDUa5s9-eynLg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 29 Sep 2021 19:08:52 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnclswFJDhDHYPAUvUk6J0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 21C3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVS5xF7nM92GLCftFzEfYQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnclswFJDhDHYPAUvUk6J0&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnclswFJDhDHYPAUvUk6J0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiUrLazATAB&v=APEucNU4TMMV20LWzSLsURywvcExr86AueF4JI4hJEcBnzoHphALS-3x6cNgNTh1ExFHx1HHA4-gbKtnRNI98esQb_J0XxeLetwoy-NasB5T0kCD3HR-GuxGcCPabQrCTcVJpSj9VYenzlbsv2kH2jn2SWpHZa4lr0lNLN3CNfKzPPkW9s9WwLTc4pY2Qx23DNMSAkxdCyzarBJQh64JPpDUa5s9-eynLg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 29 Sep 2021 19:08:52 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnclswFJDhDHYPAUvUk6J0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 21C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPxwdFCAq79DCA3bj_-LygQ&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxwdFCAq79DCA3bj_-LygQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiUrLazATAB&v=APEucNU4TMMV20LWzSLsURywvcExr86AueF4JI4hJEcBnzoHphALS-3x6cNgNTh1ExFHx1HHA4-gbKtnRNI98esQb_J0XxeLetwoy-NasB5T0kCD3HR-GuxGcCPabQrCTcVJpSj9VYenzlbsv2kH2jn2SWpHZa4lr0lNLN3CNfKzPPkW9s9WwLTc4pY2Qx23DNMSAkxdCyzarBJQh64JPpDUa5s9-eynLg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:52 GMT
X-Proxy-Origin
216.131.114.49; 216.131.114.49; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8f7c3f36-031c-4e40-b1f5-a6c682c17e96
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxwdFCAq79DCA3bj_-LygQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 21C3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM5OTYxMTYxMzgyMjQ0NjYxNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM5OTYxMTYxMzgyMjQ0NjYxNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiUrLazATAB&v=APEucNU4TMMV20LWzSLsURywvcExr86AueF4JI4hJEcBnzoHphALS-3x6cNgNTh1ExFHx1HHA4-gbKtnRNI98esQb_J0XxeLetwoy-NasB5T0kCD3HR-GuxGcCPabQrCTcVJpSj9VYenzlbsv2kH2jn2SWpHZa4lr0lNLN3CNfKzPPkW9s9WwLTc4pY2Qx23DNMSAkxdCyzarBJQh64JPpDUa5s9-eynLg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:52 GMT
X-Proxy-Origin
216.131.114.49; 216.131.114.49; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
7b0a3226-52d7-42ec-8759-2630da6e7b28
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM5OTYxMTYxMzgyMjQ0NjYxNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mtrcs_220434.js
s79.mxcdn.net/bb-mx/serve/ Frame 3D04 		148 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-58.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8943b798efddc7a5ee242732dd0cb2f7f4d5c59417a97b3da42eae595bddf270

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 19:08:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Sep 2021 08:58:23 GMT
Server
nginx
ETag
"\W00000580191632733103776"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control
public, max-age=1800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
58019
Expires
Wed, 29 Sep 2021 19:38:52 GMT
index.html
s0.2mdn.net/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/ Frame B55F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f6.1e100.net
Software
sffe /
Resource Hash
0715c294a5665f00ddfd9e7b7e2627446466b2000f1f7cd8f931b08ac40617d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
2046
date
Wed, 29 Sep 2021 10:22:56 GMT
expires
Thu, 30 Sep 2021 10:22:56 GMT
last-modified
Tue, 31 Aug 2021 16:09:17 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
31556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 3D04 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvbdj0o3-tGwViLG25BL8A73n6Sco_S4JESTb2CGRVrwrUwe0imh9MFBK-2ghUiOJweco5GOL7x5yd7KEaAfqk72XXFcj_zodZYFaOQ8YUTnISV20GDsECtRGE_txRVTuSu7ULY60b2VB5aYfK3uEwU5sF5NJE02xTIirpxN9ZmbMQduvUk3pcmRdw8F4d2WHc6FP_yYyl5HRhXKL0I_q0ndLUkpUdAQe0ypLa6bajszVcRWsYGaDn0Q8deqSglbk-bcGrSJ2KFaNouCfXZYpy917K2xfNs6X9ZXLmzBXSbxPq6rRHIIR38AzCt-iMZt9aIIGcngOjXGWRfJKSTDarNp5oOcsU2fRoVb-r1WiRKA29UBV992ybcg5OryF9q0FqI7VaJHpKYGPuIU2D_qth1pNE8L924e-qjV5xxr-ZapRvk9rlxXWgYr-iOwLD7VS89tWl5sCrs4RCuy-HWh1nK8NvNgZKKxet3a7k2pRo8S0admAK5IUKliB8lTE244u_EdI14P6h4Vm1p0MAKMDH0VRHskE4N1OHoithLjWxBw718hBk8z4I-Cjn6cyuW2jIfsACIVnkI_ETsPDZWhyDsqxPTYqQslEPwNCHPc02hjCMkHfx4OssrWHyDXjL5qNxv5gBFSBntresaR99XFbrJSc6vB-6iArj2a0VHjSffAbzGAE3iYDrlst1SMkYIKu1AqH0eIvJ3OJQAU_I87H3JA1797leDIlYW4YUxnFPb0gdaXoyB-X06Yp15ePAdleOIgvpCzUAFCmkKbxYT7nKE7FoYPB_HxqsPA48yroCqw6to_5-mOlObOaOrdXbiNeoy_7Fj4skWhQSYWARHETzu3a1eiwxgmhx7nLP4s_4Wb2K5l6nlUR8TPT1EJdr5JHJ-K3ZEWG2c517yTYtTNPWe3leMGHxVVje_rKO7q13qna_M-ggssKidGWg0OIIrRCKgzmelqbBkpF5xpG5rvE5vnX-U3lkZy-x8bnWMVATTz32Ph53gYVXsN8EhNVrTWZybEhB7uii3SHuGjX56ZTppsCjRREBaVkuFIxG3tHLr3x7aMYy1vcu2SfzC4jfdbMt1bH2_U-MDVuhmJk17uieZ5rVyyQ6yxRmakcherNRrA8Ayg9LRLV-Qx9GMfGhEpW4bEVShdJV-u3qOiwJ3bBbhywROH9UnlUHXWiFV3n-zM93RgbzSH7dP-xgNGQXnNqtjJUqhykCPO5mbLPYwOA61RvF-FemvU2zOgm6yPhr9tA&sai=AMfl-YS4uC-_KIPVoJ5YyBiP4AijmaOE9H_pMVPg569-e6QBM3DJUm6QFrZV5_QCEWlwTZuJVXFRFuLXH0JfPRbdmw3JhcAeb5biwswxVcfkcjnlABlMl2H_YMSxFlaEjsPAze5YOql34oAe2cRbiZoCt9xubuhocrglBIGbwnI&sig=Cg0ArKJSzDZkcTJHjCB7EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=369&cbvp=1&cstd=366&cisv=r20210927.58941&adurl=
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 29 Sep 2021 19:08:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F239 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 29 Sep 2021 19:08:52 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3D04 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
URL: https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 13:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 27 Sep 2022 13:28:21 GMT
truncated
/ Frame 3D04 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
545d060d7bc0fb88e84625728ca9fc74b70f19c08bd1b8479568875c6815568d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 01FA 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXf4QMIbP4aKHbYu3coZ-ZQup-VjwCk4-xGx7Qx2YB3gKn2qenQW3J5hpSmPbyVd_wDxFyuDNGA6kq98MCxHYpOY4ReSGVOGiTkU2WyArMD-FyS65UuNbJZbLreJUue2cdcOpSE6_sAsVTQZCxsPbLLj8Bxp_oKuL8GQ8FfLjZVPmUQXoP7it6LWH62HYSKGXCjr1YNAZ9Qz8_clhQksI_40F4QLQ
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXf4QMIbP4aKHbYu3coZ-ZQup-VjwCk4-xGx7Qx2YB3gKn2qenQW3J5hpSmPbyVd_wDxFyuDNGA6kq98MCxHYpOY4ReSGVOGiTkU2WyArMD-FyS65UuNbJZbLreJUue2cdcOpSE6_sAsVTQZCxsPbLLj8Bxp_oKuL8GQ8FfLjZVPmUQXoP7it6LWH62HYSKGXCjr1YNAZ9Qz8_clhQksI_40F4QLQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmkaaKgLi9bpLfAtPrYE0pVSaYPPykBcQlu0QC28CbXiSPy2X9mgtWOJky0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 29 Sep 2021 19:08:52 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame C448 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWgzfB3HpiaPAVxJwomMamkyLdwrx5sUeCLheGoKmpwjoKI8gdSEg3FE15RxXYU8OFkaA-cNtJkLAovBX-453pI_YWk124BEWD0d0CxeqP2Atun45an-ifharFsM82L5NBpl0edlO36vvuh87hSSTQEUGi8Q&cry=1&dbm_d=AKAmf-BnUIcAtQoZH0DCakK2L8TB36q64A7AdBTny8HuPBCdg0EqZm7q3d4nQ-VCoDsGX8k94XRNWppPbi89h_xaP3FjbSW7AJvIBxcKnKFrIiLv5BAecg8gbX_ZVyDzCR_r57AqQP4hppXJsXAYYt2qdoiqEW8XrBXHl9Cxq9w3Zbmc8ZUyyn4O7xvezQ28x8hXbUklEi4H0ocU-xbWkGL7QJg6KfIsMu9qvdYiLS_Iu7ybtwV820f-wWXSipJbrXT2ahErdmId8zJRez-tArAXun9CrKFlFfu1S5P5rm0yhuPB5ja7f76KjzV8-zQxeXFHhFzkt59UjfPcmdYFb2OlQKUQkdm7rdOjBy-ciD8_XeyEChDn_72dydDYg-fAFmIH49TXDqAM9wcQn4sf4uCAq39nWnuL4J1m5QlYrE0e7M7-O0KaK5E5bh5BYzznHaLPn7zSYgBP5gcN0rVqlYaz5NQIhKqzoDdgXlLiPe-R-s8aeIUM7DiAI6UVzBIjY2I4ctm3r0MWCGUvHGkpOdzWKXEFV7rDz3FH6_Rsmus2MQtk2KJBus9ejrRrl3UA2Aoyn885xm-Z2IEgJv6FsYAqxsV1OXUFvApinuzt87VpImdce1UV101MuE3Ls5Fd7eum_o2bXxy_kEZpmMMGYzjg4OGS4Q6RXL0arUUfos6_k3AwyBZQfPPL9YSfarQLYsLICN-96dGuRUGeunHiMRxWlyxASK13mUMk0aNeaUW6UHe1YaCaZqVed9ZZCwEHkNlm5Zwe8pCD6F1cmxK-8lvZFi3OHxpjmKrYUg4-imCh35_uWx99sUK9IBPN5H5E971ci3ciTdsi7dX9KPvAceth92BxCxaiEc7pQbSYlMrTmwhqyQ73kCOD4-Y0MEbbHCXDJOzTQDMweX7Cz8DdezajJuGuuh1nyO-OyKOh7RWoI9wZkR-redoNYr1rzLsg5PkZoWg8vKbE1aj1G3J42Fx-vAV64k3C6Uwso15fLC2FBCRchi70hHlBuLKfpbpvhZHf82LUQ4m8RRXT7HpEns486WJYrPPwnlB34y_PXL-BAUKJrJ9WA2lfEMOX5MwncVjw6-QWxAO6mYs5vyAxfq1c5tvLyp-wgruglvF4IgqIyt_e2SdMQoZ2XqN9RTKN0-U-09W6vHdBRhXMSFanWQD87Dq8m0tWttB2UhV1m0BhphJTP_Ld5mj2n_YtSee0CDfcC3OUCPGKc0T2kF8huG50toUFjhtdv_ORgyBGIpEZBbYO-wQsbaNIEOsHUhY6l8HgPtpuJS07Fs2yK6pnqkDxITGWuqxLQA6OFpibV7sv5pLnSOFNhGFtCmnaegP15jpQFDFI86K4HZBBo9RUrKgkel9zKdwrjoTO4PMP22N_bNRekXXgRzLDULGQB0FsFuLopjFunC3W6q76-5pIYTnNyIRQNGlQfru-k0rvNVcFzVYVnscKGTVztoZ0vtdVgwlc2nmGrAVkdY4fkNm6yNvW_QZyeVowoJqFo57gXG4FtC2vntR4QCVkp-FxhdSPR7u3OHrDndfLs7xvaya92xMaq8nnArpJLjOWLLzcIc0tI8PlPnxAotvzHIGLHclt8dWnDA6Qs9SnOq4sjdDCQrHuzrm4DLv6NrsManJKKzWXWoPfsjc4J8d2SHM8xw6INrTT654oGzIra7aC7Fd7UM6ZXorEjfNltDC67ftLU1q9atP4z-qmDb7mu6b8_konE6dKd8QP0hlhlVMagB1k5GO6_ppUyafQT7hETzPENMPwMjzV_3kVsd85jx6S6kuC_VG_MbJdjZdBPNNXA6VyK7S-YZAWagfkpixVkoftABp68I3aOy-67bladiwhSTHkOa8oCJe_hbQfDq_pyehjlyh9F5qBSrCnoCgp7l4E0qcTttBtXuQxLkbMl-7v9ayXkCN9Zfaofg8vxEZnhtXNe8AotcvdZJDalxUykNGJETEbDHaR59U5AGdc9MOQHtrivFgz3-k7Ly0vv4Wdz42k42LnxaAqnDn07loSgJszuccGCAoLYiSCBWq4ewljNNcrWRFblJn8z53pR9b2zrelpL65zay8lBB6iicE9Rq-5l0MCp-X0GHtOmr5Ritj-gTOGTXCNG1oQT_Zfx6drGBZjPm3c6WTVONq9g1gV0OFwUJUX8ZJacrnbv_wmziQXgMUBa0t_93yoYQWO55-4MgxGm6OBFkF15qUW3G_icQ_zLzymyCHq6o0r5Xb61x4uhXpGa3-2pcPGiZr7wWfw9aeJYJMsjm5TiNqy4cr8BLk651YUXdb_IXO-a8yE69gYj4qYxWbxp7nQEECvlYKSbdeD-vyuJnzpmQk11o9L4HMcDSBIINL6J4IbSnXY2k36pb5GluoLOzKPBdsxOgfEUGR1WfzZRx-lju8-qxVBG4lxUPj987t1bWXaDK60f3deftbzI7b3Pn4fxz_1BFoSH1jyia3wTmsoF5EhyLCjyj4lPYjhfnabN5CIIab77jDC5ESCH-CQspRptSjcoU2IXKHeUkE3HRlP-ySMntpUISqRHe9dCeqeX69EVzpQHb5jQ4-C7AsXPL0-xmRIp_ORpxDRyhtPZIDoC-MBjLV_h6tpBFjtDeCh0SeFrDfu2vijZBx_Rsr4HZLFBBxiy_W3gFDbjJTNJUd6mRCI7RjrN7T0EWsPUOEJ5JaupMNN8QRoHxdRRKDiN8VsjDTMXXOS1pl4Zt3JIuRAR7T4fDRhlh0fPKuaWilOfQ00EvaQX69klCw-vznrxmbnLVDf3wE50JGmZvJaq0TA9bMbWW0uxqamuCFTooIwr6ezfmbbN45Zf9O7oWUPzxSnY7325aPmBAHw-eXi8G6ph7g_1ifKziHnlRCJYzy823sSDhNoPzmtNcp7YjdslhRHiaqKY9_AUAIxi4VCU9aPfA9mm-oifreCF5Q2A2dGGY3KfERwDvbrFVMGdK88wp4F9btKKPr2m9StET8ZtfgKRwHYBJnfi0q_9XsI4tdR-9GGecxWNKp75lHgkSHXr1eddr-g2wG3mdm7OsiauEC0bR0ZWsPiVMG2Ng38zDdS8xEjT87GCaiO72m-GY4zmOyJtSdydUakz18afm-srCucpQZnaqvfPTBMzImxV5sa3AvtPOtV3-fo1U6Pw32DMrhI5Yge2dm9XhsJX04A0XRatQVGIRKVYt8AymUx7JdheygVPL39iYc4zo8mcfljwlqNJDvBy8DQrTYQ5xasyRHVzK502XfxCNYW_BdkMO1YBvJjsyQp6GYt9_SfYsQZrXK-YLaSJ4I-VdCVKzS221rPDF6c1roVFeum0bbUcZS9SGtQqoMki-jzuj7y_p9KvptA09DH02avje67DUUAg6RpSwGCRLde5WQMjZj2Waqmz4FeraXU0eu_DPJLfJwAZjy_TPU3PzByBZtqkovySeyGW52mDoLZbEuC8zaTlEeaUoaAaiAJ5wBFWKTi-9LsUwcZosbmWaVXohCCbM6w_vQ8FUKnXNwcq2HFtnhs9vU4m40h-heqEf8DVIocdKlYGwMnNS9Fl3Bet5tjcGaXRtpVAT7VVe5BLpJKkCiZotoeo9XGSvOeKV_bJY-9u3M0EMEaOons99R3eGqLlOSRgPVwQ3BtEUuhxlNRtqVw5Nlk9Jmf9a47qtED0-aqWEIs-zrN-7u&cid=CAASEuRoLn1gsBEqREKQYAi1Votkbw&rfl=2%2Chttps%253A%252F%252Fnewsmaker.md%242%2Chttps%253A%252F%252Fnewsmaker.md%252F%240
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
0a9e258a866533b1cff265461ce454ddb9b97c065350de57cc952ee03857ea1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C448 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BenvdZZ_VFxrIoA_Boqi76N8ib5iJmYTkbwKcwPmsZ8T4TbJLLwMrhEJ6KCdEPdOcneyxGzAuRDi32eaHcVrIkVsq_aKxKnaFO_YjypQtuIa-oC_w
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame C448 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 19:00:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C448 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
server
sffe
etag
"1632742272549041"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 29 Sep 2021 19:08:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame C448 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 19:07:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7021 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092706&jk=1031891814195095&rc=
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
event
ads.adfox.ru/239538/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=19a849a179263663&pm=bmn&p5=kdnse&rand=caqawwp&sj=OiyXs5Ep-b2rx4HEy3ek9mlHbQd7OkqvSZcvtA_1TTZOYgqGhSLi0HuHmL41&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=cczra&rqs=wb1e7PGgRAjBuVRhjUNEuuNn2G9c08XQ&p2=y
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:52 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
pagead2.googlesyndication.com/bg/ Frame D85E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:07:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
57670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 29 Sep 2022 03:07:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F09F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsmaker.md/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 29 Sep 2021 18:58:33 GMT
expires
Thu, 29 Sep 2022 18:58:33 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
619
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 560F 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
8a9fea5e4a7f671e75b15e1eba0b76043f7d59402f96119959f115d4db6e35e2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F3yKTOODSO0cOMgiAqDwWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsmaker.md/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 29 Sep 2021 19:08:52 GMT
date
Wed, 29 Sep 2021 19:08:52 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-F3yKTOODSO0cOMgiAqDwWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 53E9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 27 Sep 2021 13:28:22 GMT
expires
Tue, 27 Sep 2022 13:28:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
193230
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame C448 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWgzfB3HpiaPAVxJwomMamkyLdwrx5sUeCLheGoKmpwjoKI8gdSEg3FE15RxXYU8OFkaA-cNtJkLAovBX-453pI_YWk124BEWD0d0CxeqP2Atun45an-ifharFsM82L5NBpl0edlO36vvuh87hSSTQEUGi8Q&cry=1&dbm_d=AKAmf-BnUIcAtQoZH0DCakK2L8TB36q64A7AdBTny8HuPBCdg0EqZm7q3d4nQ-VCoDsGX8k94XRNWppPbi89h_xaP3FjbSW7AJvIBxcKnKFrIiLv5BAecg8gbX_ZVyDzCR_r57AqQP4hppXJsXAYYt2qdoiqEW8XrBXHl9Cxq9w3Zbmc8ZUyyn4O7xvezQ28x8hXbUklEi4H0ocU-xbWkGL7QJg6KfIsMu9qvdYiLS_Iu7ybtwV820f-wWXSipJbrXT2ahErdmId8zJRez-tArAXun9CrKFlFfu1S5P5rm0yhuPB5ja7f76KjzV8-zQxeXFHhFzkt59UjfPcmdYFb2OlQKUQkdm7rdOjBy-ciD8_XeyEChDn_72dydDYg-fAFmIH49TXDqAM9wcQn4sf4uCAq39nWnuL4J1m5QlYrE0e7M7-O0KaK5E5bh5BYzznHaLPn7zSYgBP5gcN0rVqlYaz5NQIhKqzoDdgXlLiPe-R-s8aeIUM7DiAI6UVzBIjY2I4ctm3r0MWCGUvHGkpOdzWKXEFV7rDz3FH6_Rsmus2MQtk2KJBus9ejrRrl3UA2Aoyn885xm-Z2IEgJv6FsYAqxsV1OXUFvApinuzt87VpImdce1UV101MuE3Ls5Fd7eum_o2bXxy_kEZpmMMGYzjg4OGS4Q6RXL0arUUfos6_k3AwyBZQfPPL9YSfarQLYsLICN-96dGuRUGeunHiMRxWlyxASK13mUMk0aNeaUW6UHe1YaCaZqVed9ZZCwEHkNlm5Zwe8pCD6F1cmxK-8lvZFi3OHxpjmKrYUg4-imCh35_uWx99sUK9IBPN5H5E971ci3ciTdsi7dX9KPvAceth92BxCxaiEc7pQbSYlMrTmwhqyQ73kCOD4-Y0MEbbHCXDJOzTQDMweX7Cz8DdezajJuGuuh1nyO-OyKOh7RWoI9wZkR-redoNYr1rzLsg5PkZoWg8vKbE1aj1G3J42Fx-vAV64k3C6Uwso15fLC2FBCRchi70hHlBuLKfpbpvhZHf82LUQ4m8RRXT7HpEns486WJYrPPwnlB34y_PXL-BAUKJrJ9WA2lfEMOX5MwncVjw6-QWxAO6mYs5vyAxfq1c5tvLyp-wgruglvF4IgqIyt_e2SdMQoZ2XqN9RTKN0-U-09W6vHdBRhXMSFanWQD87Dq8m0tWttB2UhV1m0BhphJTP_Ld5mj2n_YtSee0CDfcC3OUCPGKc0T2kF8huG50toUFjhtdv_ORgyBGIpEZBbYO-wQsbaNIEOsHUhY6l8HgPtpuJS07Fs2yK6pnqkDxITGWuqxLQA6OFpibV7sv5pLnSOFNhGFtCmnaegP15jpQFDFI86K4HZBBo9RUrKgkel9zKdwrjoTO4PMP22N_bNRekXXgRzLDULGQB0FsFuLopjFunC3W6q76-5pIYTnNyIRQNGlQfru-k0rvNVcFzVYVnscKGTVztoZ0vtdVgwlc2nmGrAVkdY4fkNm6yNvW_QZyeVowoJqFo57gXG4FtC2vntR4QCVkp-FxhdSPR7u3OHrDndfLs7xvaya92xMaq8nnArpJLjOWLLzcIc0tI8PlPnxAotvzHIGLHclt8dWnDA6Qs9SnOq4sjdDCQrHuzrm4DLv6NrsManJKKzWXWoPfsjc4J8d2SHM8xw6INrTT654oGzIra7aC7Fd7UM6ZXorEjfNltDC67ftLU1q9atP4z-qmDb7mu6b8_konE6dKd8QP0hlhlVMagB1k5GO6_ppUyafQT7hETzPENMPwMjzV_3kVsd85jx6S6kuC_VG_MbJdjZdBPNNXA6VyK7S-YZAWagfkpixVkoftABp68I3aOy-67bladiwhSTHkOa8oCJe_hbQfDq_pyehjlyh9F5qBSrCnoCgp7l4E0qcTttBtXuQxLkbMl-7v9ayXkCN9Zfaofg8vxEZnhtXNe8AotcvdZJDalxUykNGJETEbDHaR59U5AGdc9MOQHtrivFgz3-k7Ly0vv4Wdz42k42LnxaAqnDn07loSgJszuccGCAoLYiSCBWq4ewljNNcrWRFblJn8z53pR9b2zrelpL65zay8lBB6iicE9Rq-5l0MCp-X0GHtOmr5Ritj-gTOGTXCNG1oQT_Zfx6drGBZjPm3c6WTVONq9g1gV0OFwUJUX8ZJacrnbv_wmziQXgMUBa0t_93yoYQWO55-4MgxGm6OBFkF15qUW3G_icQ_zLzymyCHq6o0r5Xb61x4uhXpGa3-2pcPGiZr7wWfw9aeJYJMsjm5TiNqy4cr8BLk651YUXdb_IXO-a8yE69gYj4qYxWbxp7nQEECvlYKSbdeD-vyuJnzpmQk11o9L4HMcDSBIINL6J4IbSnXY2k36pb5GluoLOzKPBdsxOgfEUGR1WfzZRx-lju8-qxVBG4lxUPj987t1bWXaDK60f3deftbzI7b3Pn4fxz_1BFoSH1jyia3wTmsoF5EhyLCjyj4lPYjhfnabN5CIIab77jDC5ESCH-CQspRptSjcoU2IXKHeUkE3HRlP-ySMntpUISqRHe9dCeqeX69EVzpQHb5jQ4-C7AsXPL0-xmRIp_ORpxDRyhtPZIDoC-MBjLV_h6tpBFjtDeCh0SeFrDfu2vijZBx_Rsr4HZLFBBxiy_W3gFDbjJTNJUd6mRCI7RjrN7T0EWsPUOEJ5JaupMNN8QRoHxdRRKDiN8VsjDTMXXOS1pl4Zt3JIuRAR7T4fDRhlh0fPKuaWilOfQ00EvaQX69klCw-vznrxmbnLVDf3wE50JGmZvJaq0TA9bMbWW0uxqamuCFTooIwr6ezfmbbN45Zf9O7oWUPzxSnY7325aPmBAHw-eXi8G6ph7g_1ifKziHnlRCJYzy823sSDhNoPzmtNcp7YjdslhRHiaqKY9_AUAIxi4VCU9aPfA9mm-oifreCF5Q2A2dGGY3KfERwDvbrFVMGdK88wp4F9btKKPr2m9StET8ZtfgKRwHYBJnfi0q_9XsI4tdR-9GGecxWNKp75lHgkSHXr1eddr-g2wG3mdm7OsiauEC0bR0ZWsPiVMG2Ng38zDdS8xEjT87GCaiO72m-GY4zmOyJtSdydUakz18afm-srCucpQZnaqvfPTBMzImxV5sa3AvtPOtV3-fo1U6Pw32DMrhI5Yge2dm9XhsJX04A0XRatQVGIRKVYt8AymUx7JdheygVPL39iYc4zo8mcfljwlqNJDvBy8DQrTYQ5xasyRHVzK502XfxCNYW_BdkMO1YBvJjsyQp6GYt9_SfYsQZrXK-YLaSJ4I-VdCVKzS221rPDF6c1roVFeum0bbUcZS9SGtQqoMki-jzuj7y_p9KvptA09DH02avje67DUUAg6RpSwGCRLde5WQMjZj2Waqmz4FeraXU0eu_DPJLfJwAZjy_TPU3PzByBZtqkovySeyGW52mDoLZbEuC8zaTlEeaUoaAaiAJ5wBFWKTi-9LsUwcZosbmWaVXohCCbM6w_vQ8FUKnXNwcq2HFtnhs9vU4m40h-heqEf8DVIocdKlYGwMnNS9Fl3Bet5tjcGaXRtpVAT7VVe5BLpJKkCiZotoeo9XGSvOeKV_bJY-9u3M0EMEaOons99R3eGqLlOSRgPVwQ3BtEUuhxlNRtqVw5Nlk9Jmf9a47qtED0-aqWEIs-zrN-7u&cid=CAASEuRoLn1gsBEqREKQYAi1Votkbw&rfl=2%2Chttps%253A%252F%252Fnewsmaker.md%242%2Chttps%253A%252F%252Fnewsmaker.md%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
7cc64ec2f55ae9d24be2ca2bd4f933dcf99c9be0ae35871489cf235d5cee6af0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9205
x-xss-protection
0
server
cafe
etag
2170525750406684717
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 19:05:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C448 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWgzfB3HpiaPAVxJwomMamkyLdwrx5sUeCLheGoKmpwjoKI8gdSEg3FE15RxXYU8OFkaA-cNtJkLAovBX-453pI_YWk124BEWD0d0CxeqP2Atun45an-ifharFsM82L5NBpl0edlO36vvuh87hSSTQEUGi8Q&cry=1&dbm_d=AKAmf-BnUIcAtQoZH0DCakK2L8TB36q64A7AdBTny8HuPBCdg0EqZm7q3d4nQ-VCoDsGX8k94XRNWppPbi89h_xaP3FjbSW7AJvIBxcKnKFrIiLv5BAecg8gbX_ZVyDzCR_r57AqQP4hppXJsXAYYt2qdoiqEW8XrBXHl9Cxq9w3Zbmc8ZUyyn4O7xvezQ28x8hXbUklEi4H0ocU-xbWkGL7QJg6KfIsMu9qvdYiLS_Iu7ybtwV820f-wWXSipJbrXT2ahErdmId8zJRez-tArAXun9CrKFlFfu1S5P5rm0yhuPB5ja7f76KjzV8-zQxeXFHhFzkt59UjfPcmdYFb2OlQKUQkdm7rdOjBy-ciD8_XeyEChDn_72dydDYg-fAFmIH49TXDqAM9wcQn4sf4uCAq39nWnuL4J1m5QlYrE0e7M7-O0KaK5E5bh5BYzznHaLPn7zSYgBP5gcN0rVqlYaz5NQIhKqzoDdgXlLiPe-R-s8aeIUM7DiAI6UVzBIjY2I4ctm3r0MWCGUvHGkpOdzWKXEFV7rDz3FH6_Rsmus2MQtk2KJBus9ejrRrl3UA2Aoyn885xm-Z2IEgJv6FsYAqxsV1OXUFvApinuzt87VpImdce1UV101MuE3Ls5Fd7eum_o2bXxy_kEZpmMMGYzjg4OGS4Q6RXL0arUUfos6_k3AwyBZQfPPL9YSfarQLYsLICN-96dGuRUGeunHiMRxWlyxASK13mUMk0aNeaUW6UHe1YaCaZqVed9ZZCwEHkNlm5Zwe8pCD6F1cmxK-8lvZFi3OHxpjmKrYUg4-imCh35_uWx99sUK9IBPN5H5E971ci3ciTdsi7dX9KPvAceth92BxCxaiEc7pQbSYlMrTmwhqyQ73kCOD4-Y0MEbbHCXDJOzTQDMweX7Cz8DdezajJuGuuh1nyO-OyKOh7RWoI9wZkR-redoNYr1rzLsg5PkZoWg8vKbE1aj1G3J42Fx-vAV64k3C6Uwso15fLC2FBCRchi70hHlBuLKfpbpvhZHf82LUQ4m8RRXT7HpEns486WJYrPPwnlB34y_PXL-BAUKJrJ9WA2lfEMOX5MwncVjw6-QWxAO6mYs5vyAxfq1c5tvLyp-wgruglvF4IgqIyt_e2SdMQoZ2XqN9RTKN0-U-09W6vHdBRhXMSFanWQD87Dq8m0tWttB2UhV1m0BhphJTP_Ld5mj2n_YtSee0CDfcC3OUCPGKc0T2kF8huG50toUFjhtdv_ORgyBGIpEZBbYO-wQsbaNIEOsHUhY6l8HgPtpuJS07Fs2yK6pnqkDxITGWuqxLQA6OFpibV7sv5pLnSOFNhGFtCmnaegP15jpQFDFI86K4HZBBo9RUrKgkel9zKdwrjoTO4PMP22N_bNRekXXgRzLDULGQB0FsFuLopjFunC3W6q76-5pIYTnNyIRQNGlQfru-k0rvNVcFzVYVnscKGTVztoZ0vtdVgwlc2nmGrAVkdY4fkNm6yNvW_QZyeVowoJqFo57gXG4FtC2vntR4QCVkp-FxhdSPR7u3OHrDndfLs7xvaya92xMaq8nnArpJLjOWLLzcIc0tI8PlPnxAotvzHIGLHclt8dWnDA6Qs9SnOq4sjdDCQrHuzrm4DLv6NrsManJKKzWXWoPfsjc4J8d2SHM8xw6INrTT654oGzIra7aC7Fd7UM6ZXorEjfNltDC67ftLU1q9atP4z-qmDb7mu6b8_konE6dKd8QP0hlhlVMagB1k5GO6_ppUyafQT7hETzPENMPwMjzV_3kVsd85jx6S6kuC_VG_MbJdjZdBPNNXA6VyK7S-YZAWagfkpixVkoftABp68I3aOy-67bladiwhSTHkOa8oCJe_hbQfDq_pyehjlyh9F5qBSrCnoCgp7l4E0qcTttBtXuQxLkbMl-7v9ayXkCN9Zfaofg8vxEZnhtXNe8AotcvdZJDalxUykNGJETEbDHaR59U5AGdc9MOQHtrivFgz3-k7Ly0vv4Wdz42k42LnxaAqnDn07loSgJszuccGCAoLYiSCBWq4ewljNNcrWRFblJn8z53pR9b2zrelpL65zay8lBB6iicE9Rq-5l0MCp-X0GHtOmr5Ritj-gTOGTXCNG1oQT_Zfx6drGBZjPm3c6WTVONq9g1gV0OFwUJUX8ZJacrnbv_wmziQXgMUBa0t_93yoYQWO55-4MgxGm6OBFkF15qUW3G_icQ_zLzymyCHq6o0r5Xb61x4uhXpGa3-2pcPGiZr7wWfw9aeJYJMsjm5TiNqy4cr8BLk651YUXdb_IXO-a8yE69gYj4qYxWbxp7nQEECvlYKSbdeD-vyuJnzpmQk11o9L4HMcDSBIINL6J4IbSnXY2k36pb5GluoLOzKPBdsxOgfEUGR1WfzZRx-lju8-qxVBG4lxUPj987t1bWXaDK60f3deftbzI7b3Pn4fxz_1BFoSH1jyia3wTmsoF5EhyLCjyj4lPYjhfnabN5CIIab77jDC5ESCH-CQspRptSjcoU2IXKHeUkE3HRlP-ySMntpUISqRHe9dCeqeX69EVzpQHb5jQ4-C7AsXPL0-xmRIp_ORpxDRyhtPZIDoC-MBjLV_h6tpBFjtDeCh0SeFrDfu2vijZBx_Rsr4HZLFBBxiy_W3gFDbjJTNJUd6mRCI7RjrN7T0EWsPUOEJ5JaupMNN8QRoHxdRRKDiN8VsjDTMXXOS1pl4Zt3JIuRAR7T4fDRhlh0fPKuaWilOfQ00EvaQX69klCw-vznrxmbnLVDf3wE50JGmZvJaq0TA9bMbWW0uxqamuCFTooIwr6ezfmbbN45Zf9O7oWUPzxSnY7325aPmBAHw-eXi8G6ph7g_1ifKziHnlRCJYzy823sSDhNoPzmtNcp7YjdslhRHiaqKY9_AUAIxi4VCU9aPfA9mm-oifreCF5Q2A2dGGY3KfERwDvbrFVMGdK88wp4F9btKKPr2m9StET8ZtfgKRwHYBJnfi0q_9XsI4tdR-9GGecxWNKp75lHgkSHXr1eddr-g2wG3mdm7OsiauEC0bR0ZWsPiVMG2Ng38zDdS8xEjT87GCaiO72m-GY4zmOyJtSdydUakz18afm-srCucpQZnaqvfPTBMzImxV5sa3AvtPOtV3-fo1U6Pw32DMrhI5Yge2dm9XhsJX04A0XRatQVGIRKVYt8AymUx7JdheygVPL39iYc4zo8mcfljwlqNJDvBy8DQrTYQ5xasyRHVzK502XfxCNYW_BdkMO1YBvJjsyQp6GYt9_SfYsQZrXK-YLaSJ4I-VdCVKzS221rPDF6c1roVFeum0bbUcZS9SGtQqoMki-jzuj7y_p9KvptA09DH02avje67DUUAg6RpSwGCRLde5WQMjZj2Waqmz4FeraXU0eu_DPJLfJwAZjy_TPU3PzByBZtqkovySeyGW52mDoLZbEuC8zaTlEeaUoaAaiAJ5wBFWKTi-9LsUwcZosbmWaVXohCCbM6w_vQ8FUKnXNwcq2HFtnhs9vU4m40h-heqEf8DVIocdKlYGwMnNS9Fl3Bet5tjcGaXRtpVAT7VVe5BLpJKkCiZotoeo9XGSvOeKV_bJY-9u3M0EMEaOons99R3eGqLlOSRgPVwQ3BtEUuhxlNRtqVw5Nlk9Jmf9a47qtED0-aqWEIs-zrN-7u&cid=CAASEuRoLn1gsBEqREKQYAi1Votkbw&rfl=2%2Chttps%253A%252F%252Fnewsmaker.md%242%2Chttps%253A%252F%252Fnewsmaker.md%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 13:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 27 Sep 2022 13:28:21 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B55F 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f6.1e100.net
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Sep 2021 19:08:52 GMT
script.js
s0.2mdn.net/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/js/ Frame B55F 		4 KB
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/js/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f6.1e100.net
Software
sffe /
Resource Hash
95f3fb6ce7487d2329cd57c2c5f47f0a5a0e8408c11538b42ec5a713d2b77bd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 13:19:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
844
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 16:09:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Sep 2021 13:19:41 GMT
stat
stat.meetrics.net/ Frame 3D04 		82 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.meetrics.net/stat
Requested by
Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.15.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h339.meetrics.de
Software
nginx /
Resource Hash
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 19:08:52 GMT
Cache-Control
private, no-cache, must-revalidate
Last-Modified
Wed, 29 Sep 2021 19:08:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
gettag
s79.research.de.com/bb-mxad/ Frame 3D04 		0
208 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s79.research.de.com/bb-mxad/gettag
Requested by
Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.47.15.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h549.meetrics.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 19:08:52 GMT
Cache-control
private,must-revalidate
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/octet-stream
submit
b181.s79.research.de.com/bb-mx/ Frame 3D04 		43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b181.s79.research.de.com/bb-mx/submit?/+PqyBvAAA/whFxBo0F0wFz6BvvAmhF2lEjjFi1BiwBy3AjwByjEmjFjiFyjE13A5hEm5Bh4B4yAuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFs/Bu9BxBE0pyFo0F0wFz6BvvAulF3zFthFrlFyuBtkFvBE+k2FoywAyxAtwA5tAy3AtwA46A13AtyAywA0zA0tAyuAxyAyuA4tAz0Ax3A3lE5zAKp6Fsp3Fx2AzyA50Ay1AzwA44A5BEjwtFuvFulFnqnFluFtVETsBluFL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5wAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BwBELlnFB/k0FtBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA2zA1yA3yA3mAzpF0lF91A51Ay3Az5AmwEshFjlF9zAxyA2yAx2Ay3AmjEpkF9xA12A41A2zAwxAmzEp6Fl9BzwAw4E2wAwmAjiF9yAw3Ax3A0yA3yA4BEUkzFpBFAAAAAAsEYJYJAPAAAAAAAAAOAAAAGBAAAAAsEYJYJABPhAAAAAAAAB5soAZKAAFAx8Ez8ExBEGAx2A23AxzArr1pAPAAAFAA5soTr1pASksF5EbAAAAAAAAAAAAEAAA5soAAAAAAAIAy2Az1Ay3Ay3AJAzxAy2AyxA2yA3BEHA15A1yA3zA5BEHAzwAw4E2wAwBEJAx1A24A12AzwAxBEHA53A14Az2A2BEdAAAAAAsEAYJAFAAAr1pAAAdBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB53A14Az2A2vAx2AzwA0yA2xA13AwzAwvAywAtJEXFFtFEkpF0pFvuFzwAtIEhsFmQFhnFltBzwAw4E2wAwtATVFWfFWyBvpEukFl4FuoE0tFsBFCAIQFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFAFn/VA
Requested by
Host: fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
URL: https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.184.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h359.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:52 GMT
Server
nginx
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Wed, 29 Sep 2021 19:08:51 GMT
data
b181.s79.research.de.com/ Frame 3D04 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b181.s79.research.de.com/data?/+PqyCwAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFykVNSA
Requested by
Host: fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
URL: https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.184.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h359.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:52 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Wed, 29-Sep-21 19:08:51 GMT
sd
us-u.openx.net/w/1.0/ Frame 01FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFnLXiqU0QrUTgPQyLwtQGA&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFnLXiqU0QrUTgPQyLwtQGA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXf4QMIbP4aKHbYu3coZ-ZQup-VjwCk4-xGx7Qx2YB3gKn2qenQW3J5hpSmPbyVd_wDxFyuDNGA6kq98MCxHYpOY4ReSGVOGiTkU2WyArMD-FyS65UuNbJZbLreJUue2cdcOpSE6_sAsVTQZCxsPbLLj8Bxp_oKuL8GQ8FfLjZVPmUQXoP7it6LWH62HYSKGXCjr1YNAZ9Qz8_clhQksI_40F4QLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:53 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFnLXiqU0QrUTgPQyLwtQGA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 01FA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDczMzZlOTYtZmU5Yy0yMWNhLWNiN2UtZDU5M2VjNjc4OTg1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDczMzZlOTYtZmU5Yy0yMWNhLWNiN2UtZDU5M2VjNjc4OTg1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXf4QMIbP4aKHbYu3coZ-ZQup-VjwCk4-xGx7Qx2YB3gKn2qenQW3J5hpSmPbyVd_wDxFyuDNGA6kq98MCxHYpOY4ReSGVOGiTkU2WyArMD-FyS65UuNbJZbLreJUue2cdcOpSE6_sAsVTQZCxsPbLLj8Bxp_oKuL8GQ8FfLjZVPmUQXoP7it6LWH62HYSKGXCjr1YNAZ9Qz8_clhQksI_40F4QLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 29 Sep 2021 19:08:53 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDczMzZlOTYtZmU5Yy0yMWNhLWNiN2UtZDU5M2VjNjc4OTg1
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 01FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEEqFfKvInaBc-VU8CRrX8Os&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEqFfKvInaBc-VU8CRrX8Os&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXf4QMIbP4aKHbYu3coZ-ZQup-VjwCk4-xGx7Qx2YB3gKn2qenQW3J5hpSmPbyVd_wDxFyuDNGA6kq98MCxHYpOY4ReSGVOGiTkU2WyArMD-FyS65UuNbJZbLreJUue2cdcOpSE6_sAsVTQZCxsPbLLj8Bxp_oKuL8GQ8FfLjZVPmUQXoP7it6LWH62HYSKGXCjr1YNAZ9Qz8_clhQksI_40F4QLQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 29 Sep 2021 19:08:53 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEEqFfKvInaBc-VU8CRrX8Os&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 01FA 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXf4QMIbP4aKHbYu3coZ-ZQup-VjwCk4-xGx7Qx2YB3gKn2qenQW3J5hpSmPbyVd_wDxFyuDNGA6kq98MCxHYpOY4ReSGVOGiTkU2WyArMD-FyS65UuNbJZbLreJUue2cdcOpSE6_sAsVTQZCxsPbLLj8Bxp_oKuL8GQ8FfLjZVPmUQXoP7it6LWH62HYSKGXCjr1YNAZ9Qz8_clhQksI_40F4QLQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 29 Sep 2021 19:08:53 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
event
ads.adfox.ru/239538/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=428f46647120cde1&pm=bmn&p5=kdcvb&rand=glpfrfj&sj=JomfwEDmfKcruQsa8wWHd0SqkcurWGnmuUZGG2qO6fLy812_PDRjpwp81bmdgg%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=ciejl&rqs=wclpZXY5xF3BuVRhp8EOculNYCyn_KVC&p2=y
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:53 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3D04 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvbdj0o3-tGwViLG25BL8A73n6Sco_S4JESTb2CGRVrwrUwe0imh9MFBK-2ghUiOJweco5GOL7x5yd7KEaAfqk72XXFcj_zodZYFaOQ8YUTnISV20GDsECtRGE_txRVTuSu7ULY60b2VB5aYfK3uEwU5sF5NJE02xTIirpxN9ZmbMQduvUk3pcmRdw8F4d2WHc6FP_yYyl5HRhXKL0I_q0ndLUkpUdAQe0ypLa6bajszVcRWsYGaDn0Q8deqSglbk-bcGrSJ2KFaNouCfXZYpy917K2xfNs6X9ZXLmzBXSbxPq6rRHIIR38AzCt-iMZt9aIIGcngOjXGWRfJKSTDarNp5oOcsU2fRoVb-r1WiRKA29UBV992ybcg5OryF9q0FqI7VaJHpKYGPuIU2D_qth1pNE8L924e-qjV5xxr-ZapRvk9rlxXWgYr-iOwLD7VS89tWl5sCrs4RCuy-HWh1nK8NvNgZKKxet3a7k2pRo8S0admAK5IUKliB8lTE244u_EdI14P6h4Vm1p0MAKMDH0VRHskE4N1OHoithLjWxBw718hBk8z4I-Cjn6cyuW2jIfsACIVnkI_ETsPDZWhyDsqxPTYqQslEPwNCHPc02hjCMkHfx4OssrWHyDXjL5qNxv5gBFSBntresaR99XFbrJSc6vB-6iArj2a0VHjSffAbzGAE3iYDrlst1SMkYIKu1AqH0eIvJ3OJQAU_I87H3JA1797leDIlYW4YUxnFPb0gdaXoyB-X06Yp15ePAdleOIgvpCzUAFCmkKbxYT7nKE7FoYPB_HxqsPA48yroCqw6to_5-mOlObOaOrdXbiNeoy_7Fj4skWhQSYWARHETzu3a1eiwxgmhx7nLP4s_4Wb2K5l6nlUR8TPT1EJdr5JHJ-K3ZEWG2c517yTYtTNPWe3leMGHxVVje_rKO7q13qna_M-ggssKidGWg0OIIrRCKgzmelqbBkpF5xpG5rvE5vnX-U3lkZy-x8bnWMVATTz32Ph53gYVXsN8EhNVrTWZybEhB7uii3SHuGjX56ZTppsCjRREBaVkuFIxG3tHLr3x7aMYy1vcu2SfzC4jfdbMt1bH2_U-MDVuhmJk17uieZ5rVyyQ6yxRmakcherNRrA8Ayg9LRLV-Qx9GMfGhEpW4bEVShdJV-u3qOiwJ3bBbhywROH9UnlUHXWiFV3n-zM93RgbzSH7dP-xgNGQXnNqtjJUqhykCPO5mbLPYwOA61RvF-FemvU2zOgm6yPhr9tA&sai=AMfl-YS4uC-_KIPVoJ5YyBiP4AijmaOE9H_pMVPg569-e6QBM3DJUm6QFrZV5_QCEWlwTZuJVXFRFuLXH0JfPRbdmw3JhcAeb5biwswxVcfkcjnlABlMl2H_YMSxFlaEjsPAze5YOql34oAe2cRbiZoCt9xubuhocrglBIGbwnI&sig=Cg0ArKJSzDZkcTJHjCB7EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=722&vt=11&dtpt=353&dett=3&cstd=366&cisv=r20210927.58941&adurl=
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 19:08:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
4727t6qteyti
hal9000.redintelligence.net/zone/ Frame C448 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuy6hxLlUYZ7_As6c-gbSiY6gB7XN-YNX_Ni5q-UM8C4QASCxk-15YJUCyAEJqQJRsKvVDnyzPqgDAaoE9QFP0EODDW7f6IWh7x136CRib-ZUsd6rHuvdtCIXmYFwTJuFkgT_WiQ4T67CrdpAfct73-VoAn09pl3SPBy1XH6YDw4ley9aIHwJtq6-EbV9SuwRrH2T19-XinfgeflBkps6dMr24Av0mGZoTWCpUeohTKM87FRtVlSS7aUMBg3qiN_zp1i6B_L5SBiZaQEUEu_bzUuG29ypyjWfmSeDHXUPEhKfWYVDwbAP__xPObjlzeG84hzqokSHvydYRNnwQ7noZRWRsEV0BbRTGHNfLDANQl5c2k3dT_ce6z1AeOuY_-R-YVbRwS5237VERVOBDigP6YZ0O8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTI4MDc1OTM3MTgzNjYzNzSACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLn1gsBEqREKQYAi1Votkbw%26sig%3DAOD64_1ApJPY_ArA6lcUdtyNaqpcuFCuoQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-DLzdcSFU5EFqJXHbXG3mXwvlFs1IH1tqUq6WtjTMdqxa68UruVSxtgb8ED1PUFTuzccUMwHbJkKXNTjb1MNrJs20O7DPc2wQ1aMBg-hDYCHd1IazYyQ6X5NJ0JdXWN9vOUo71Z5F3MK6HC5O7kJ43fv3O1DQ%26cry%3D1%26dbm_d%3DAKAmf-BfWDwW_GxHP8-85n-gCy0DVJFXTfERkcUIesHezJ-aEDwjCKTlzL9_e9wJfYlUg_GgrnyjjRGwkrz1fcWdxzzEKgVBqYMipI-4PlUBJlZogpVAqzfAX0ejsoC9-EHwBgDbLjdk-SD1uKkkGYabnQM0ymR8mruW_SyzJAla6thBEM327mmzlyPtXOo_iMQ51SuiCviu6_h93EX5RdOvc1YDsHWJNz6LExcBDTRZGh8q7lQ9eoNMBtfktuHj8rzfg77UjRu5rI-bPm-fWBfyyBhtv-aJIlVFugkYU5O3ayw8rJ3s0pO8zIJJrf3RuUZVZsdp45Kyh9bvZWdIzn1Ctn1kUvk9kkGUeJPUadMR1zICWtZCSVSpYG5NAVrkVrIFf4mxOgVUBdTf4qXLLdw9Fo0GN5BvIapnLBhpBLQzm4QXL7nOBKfg1lTXcrMHY1nhPuXYBqDp%26adurl%3D
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7a2ab7b34d1c360e38681b19b6822f32c88271d7607698ca7a658ea015aa6bb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 19:08:53 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3942
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 647C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 27 Sep 2021 13:28:22 GMT
expires
Tue, 27 Sep 2022 13:28:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
193231
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 560F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092703&jk=2828698393187892&rc=
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
pagead2.googlesyndication.com/bg/ Frame 53E9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:07:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
57671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 29 Sep 2022 03:07:42 GMT
WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
pagead2.googlesyndication.com/bg/ Frame F09F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:07:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
57671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 29 Sep 2022 03:07:42 GMT
request.php
hal900018.redintelligence.net/ Frame C448
Redirect Chain
  • https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=c42a4e7b79&subid=&uid=11f4959f7e6a8ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=c42a4e7b79&subid=&uid=11f4959f7e6a8ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=c42a4e7b79&subid=&uid=11f4959f7e6a8ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuy6hxLlUYZ7_As6c-gbSiY6gB7XN-YNX_Ni5q-UM8C4QASCxk-15YJUCyAEJqQJRsKvVDnyzPqgDAaoE9QFP0EODDW7f6IWh7x136CRib-ZUsd6rHuvdtCIXmYFwTJuFkgT_WiQ4T67CrdpAfct73-VoAn09pl3SPBy1XH6YDw4ley9aIHwJtq6-EbV9SuwRrH2T19-XinfgeflBkps6dMr24Av0mGZoTWCpUeohTKM87FRtVlSS7aUMBg3qiN_zp1i6B_L5SBiZaQEUEu_bzUuG29ypyjWfmSeDHXUPEhKfWYVDwbAP__xPObjlzeG84hzqokSHvydYRNnwQ7noZRWRsEV0BbRTGHNfLDANQl5c2k3dT_ce6z1AeOuY_-R-YVbRwS5237VERVOBDigP6YZ0O8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTI4MDc1OTM3MTgzNjYzNzSACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLn1gsBEqREKQYAi1Votkbw%26sig%3DAOD64_1ApJPY_ArA6lcUdtyNaqpcuFCuoQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-DLzdcSFU5EFqJXHbXG3mXwvlFs1IH1tqUq6WtjTMdqxa68UruVSxtgb8ED1PUFTuzccUMwHbJkKXNTjb1MNrJs20O7DPc2wQ1aMBg-hDYCHd1IazYyQ6X5NJ0JdXWN9vOUo71Z5F3MK6HC5O7kJ43fv3O1DQ%26cry%3D1%26dbm_d%3DAKAmf-BfWDwW_GxHP8-85n-gCy0DVJFXTfERkcUIesHezJ-aEDwjCKTlzL9_e9wJfYlUg_GgrnyjjRGwkrz1fcWdxzzEKgVBqYMipI-4PlUBJlZogpVAqzfAX0ejsoC9-EHwBgDbLjdk-SD1uKkkGYabnQM0ymR8mruW_SyzJAla6thBEM327mmzlyPtXOo_iMQ51SuiCviu6_h93EX5RdOvc1YDsHWJNz6LExcBDTRZGh8q7lQ9eoNMBtfktuHj8rzfg77UjRu5rI-bPm-fWBfyyBhtv-aJIlVFugkYU5O3ayw8rJ3s0pO8zIJJrf3RuUZVZsdp45Kyh9bvZWdIzn1Ctn1kUvk9kkGUeJPUadMR1zICWtZCSVSpYG5NAVrkVrIFf4mxOgVUBdTf4qXLLdw9Fo0GN5BvIapnLBhpBLQzm4QXL7nOBKfg1lTXcrMHY1nhPuXYBqDp%26adurl%3D&documentReferer=https%3A%2F%2Fnewsmaker.md%2F&ancestorOrigins=https%3A%2F%2Fnewsmaker.md%2Chttps%3A%2F%2Fnewsmaker.md&random=4828386229744&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
b9e3be79ed62a56ebf92f6522793065d022ce2296066888108b7d0b821c9932c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
99571300197987300710612011732018
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1314
Expires
Wed, 29 Sep 2021 20:08:53 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:53 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=c42a4e7b79&subid=&uid=11f4959f7e6a8ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuy6hxLlUYZ7_As6c-gbSiY6gB7XN-YNX_Ni5q-UM8C4QASCxk-15YJUCyAEJqQJRsKvVDnyzPqgDAaoE9QFP0EODDW7f6IWh7x136CRib-ZUsd6rHuvdtCIXmYFwTJuFkgT_WiQ4T67CrdpAfct73-VoAn09pl3SPBy1XH6YDw4ley9aIHwJtq6-EbV9SuwRrH2T19-XinfgeflBkps6dMr24Av0mGZoTWCpUeohTKM87FRtVlSS7aUMBg3qiN_zp1i6B_L5SBiZaQEUEu_bzUuG29ypyjWfmSeDHXUPEhKfWYVDwbAP__xPObjlzeG84hzqokSHvydYRNnwQ7noZRWRsEV0BbRTGHNfLDANQl5c2k3dT_ce6z1AeOuY_-R-YVbRwS5237VERVOBDigP6YZ0O8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTI4MDc1OTM3MTgzNjYzNzSACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLn1gsBEqREKQYAi1Votkbw%26sig%3DAOD64_1ApJPY_ArA6lcUdtyNaqpcuFCuoQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-DLzdcSFU5EFqJXHbXG3mXwvlFs1IH1tqUq6WtjTMdqxa68UruVSxtgb8ED1PUFTuzccUMwHbJkKXNTjb1MNrJs20O7DPc2wQ1aMBg-hDYCHd1IazYyQ6X5NJ0JdXWN9vOUo71Z5F3MK6HC5O7kJ43fv3O1DQ%26cry%3D1%26dbm_d%3DAKAmf-BfWDwW_GxHP8-85n-gCy0DVJFXTfERkcUIesHezJ-aEDwjCKTlzL9_e9wJfYlUg_GgrnyjjRGwkrz1fcWdxzzEKgVBqYMipI-4PlUBJlZogpVAqzfAX0ejsoC9-EHwBgDbLjdk-SD1uKkkGYabnQM0ymR8mruW_SyzJAla6thBEM327mmzlyPtXOo_iMQ51SuiCviu6_h93EX5RdOvc1YDsHWJNz6LExcBDTRZGh8q7lQ9eoNMBtfktuHj8rzfg77UjRu5rI-bPm-fWBfyyBhtv-aJIlVFugkYU5O3ayw8rJ3s0pO8zIJJrf3RuUZVZsdp45Kyh9bvZWdIzn1Ctn1kUvk9kkGUeJPUadMR1zICWtZCSVSpYG5NAVrkVrIFf4mxOgVUBdTf4qXLLdw9Fo0GN5BvIapnLBhpBLQzm4QXL7nOBKfg1lTXcrMHY1nhPuXYBqDp%26adurl%3D&documentReferer=https%3A%2F%2Fnewsmaker.md%2F&ancestorOrigins=https%3A%2F%2Fnewsmaker.md%2Chttps%3A%2F%2Fnewsmaker.md&random=4828386229744&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 29 Sep 2021 20:08:53 +0200
WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
pagead2.googlesyndication.com/bg/ Frame 647C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:07:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
57671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 29 Sep 2022 03:07:42 GMT
data
b181.s79.research.de.com/ Frame 3D04 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b181.s79.research.de.com/data?/+PqyD4HAA+rvFpo0F0wFz6BvvAulF3zFthFrlFyuBtkFgoE00FwzF6vAvuEl3FztFhrFlyFutEkBFLruFCLkqFFlqwFyyAw0Az0AL2vFBLl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2AzyA50Ay1AzwA44A5vE1hEx5A2xE1oF4BFUkzFAHQwBAAAAsEAYAAAAdCAQAAAAAAYJAXAAAAdCAP9AAAZAwSAcAAAAZ4AAFAx8E18ExBEGAx2A23AxzArY0mAPAAAAAAAAAPY0mAPAAAFAA5soTY0mAZAAAFAw8Ez8EwBEGAx2A23AxzArRMPAPAAAFAA5soTRMPAPBAAAAAAAAzRMPAZAAAFAw8Ey8EzBEGAx2A23AxzArfeOAPAAAFAA5soTfeOAPAAAAAAAAAzfeOAZAAAFAw8Ex8EyBEGAx2A23AxzArehwAPAAAFAA5soTehwAPAAAAAAAAAzehwAZBAAFAx8Ex8ExBEGAx2A23AxzArtDOAPAAAFAA5soTtDOAPAAAAAAAAAztDOAZAAAFAx8Ey8ExBEGAx2A23AxzArLFDAPAAAFAA5soTLFDAZBAAFAx8E18E3BEGAx2A23AxzAr7akAPAAAFAA5soT7akASksFoPdAAAAAAsEAYJAFAAAY0mAAAQAOPFfTFPVFSDFFfFx2A12Az5ADAJOFUBFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAARMPAAAQAOPFfTFPVFSDFFfFx2A12Az5ADAJOFUBFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAfeOAAAQAOPFfTFPVFSDFFfFx2A12Az5ADAJOFUBFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAehwAAAQAOPFfTFPVFSDFFfFx2A12Az5ADAJOFUBFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAtDOAAAQAOPFfTFPVFSDFFfFx2A12Az5ADAJOFUBFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAALFDAAAQAOPFfTFPVFSDFFfFx2A12Az5ADAJOFUBFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAA7akAAA6EkhF0hF6pEthFnlFvwEunF7iEhzFl2B0sApWFCPFS3FwLEHnFvBFBBFBOFTVFoFFVnFBBFBDFzBFBBFBXFCBFNBFBBFDyFszBpBFBBFBBFCsFCNFWFFVBFBBFErBBjFpXFtaF6XFBBFBBFBuFSTFUsFNBFBwFpkFyCFRBFBBFDDFTVFSCFWCFqUFiWFFKFEnFNnFENFJmF4QEvYEMuFMVFMsF0qFxGExLFpNFEvBPBF3jE4UELBFxsFJyFK3B10B0vAtpFr3FsCFl1FiMFwpF3HEqTF0zAOzBlWFvEFkZF5RFw1FzWEMyFQVFaTFVVFJ5FnqFpNFzCF40BOVF2vEOrFovBYsFjvB6QF0sEnrBrDF0yBm4FFlFhlFW6FMNFPoFrIFRzBwRF20BzRFPMFj4BC5BI2F3RF5zAH5BamFMzFv4EBVFM5FChFU3BXBFJIFBBFBBFBFFsGFUrFT1FRtFDDFDAJOFUBFAAAAAAAAAAAAAADAEJFWBFQtjFNbscYA
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.184.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h359.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Wed, 29-Sep-21 19:08:52 GMT
data
b181.s79.research.de.com/ Frame 3D04 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b181.s79.research.de.com/data?/+PqyE5HAAlqwFyyAw0Az0ALkmFBTkzFARksFAQtjFdCVNSA
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.184.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h359.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Wed, 29-Sep-21 19:08:52 GMT
view.aspx
pb.media01.eu/ Frame F2B9
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=99571300197987300710612011732018&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99571300197987300710612011732018&actionid=879111&produktid=ratenkredit&dt_url=
0
629 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99571300197987300710612011732018&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=c42a4e7b79&subid=&uid=11f4959f7e6a8ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuy6hxLlUYZ7_As6c-gbSiY6gB7XN-YNX_Ni5q-UM8C4QASCxk-15YJUCyAEJqQJRsKvVDnyzPqgDAaoE9QFP0EODDW7f6IWh7x136CRib-ZUsd6rHuvdtCIXmYFwTJuFkgT_WiQ4T67CrdpAfct73-VoAn09pl3SPBy1XH6YDw4ley9aIHwJtq6-EbV9SuwRrH2T19-XinfgeflBkps6dMr24Av0mGZoTWCpUeohTKM87FRtVlSS7aUMBg3qiN_zp1i6B_L5SBiZaQEUEu_bzUuG29ypyjWfmSeDHXUPEhKfWYVDwbAP__xPObjlzeG84hzqokSHvydYRNnwQ7noZRWRsEV0BbRTGHNfLDANQl5c2k3dT_ce6z1AeOuY_-R-YVbRwS5237VERVOBDigP6YZ0O8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTI4MDc1OTM3MTgzNjYzNzSACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLn1gsBEqREKQYAi1Votkbw%26sig%3DAOD64_1ApJPY_ArA6lcUdtyNaqpcuFCuoQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-DLzdcSFU5EFqJXHbXG3mXwvlFs1IH1tqUq6WtjTMdqxa68UruVSxtgb8ED1PUFTuzccUMwHbJkKXNTjb1MNrJs20O7DPc2wQ1aMBg-hDYCHd1IazYyQ6X5NJ0JdXWN9vOUo71Z5F3MK6HC5O7kJ43fv3O1DQ%26cry%3D1%26dbm_d%3DAKAmf-BfWDwW_GxHP8-85n-gCy0DVJFXTfERkcUIesHezJ-aEDwjCKTlzL9_e9wJfYlUg_GgrnyjjRGwkrz1fcWdxzzEKgVBqYMipI-4PlUBJlZogpVAqzfAX0ejsoC9-EHwBgDbLjdk-SD1uKkkGYabnQM0ymR8mruW_SyzJAla6thBEM327mmzlyPtXOo_iMQ51SuiCviu6_h93EX5RdOvc1YDsHWJNz6LExcBDTRZGh8q7lQ9eoNMBtfktuHj8rzfg77UjRu5rI-bPm-fWBfyyBhtv-aJIlVFugkYU5O3ayw8rJ3s0pO8zIJJrf3RuUZVZsdp45Kyh9bvZWdIzn1Ctn1kUvk9kkGUeJPUadMR1zICWtZCSVSpYG5NAVrkVrIFf4mxOgVUBdTf4qXLLdw9Fo0GN5BvIapnLBhpBLQzm4QXL7nOBKfg1lTXcrMHY1nhPuXYBqDp%26adurl%3D&documentReferer=https%3A%2F%2Fnewsmaker.md%2F&ancestorOrigins=https%3A%2F%2Fnewsmaker.md%2Chttps%3A%2F%2Fnewsmaker.md&random=4828386229744&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Schwaig, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pb.media01.eu
:scheme
https
:path
/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99571300197987300710612011732018&actionid=879111&produktid=ratenkredit&dt_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 29 Sep 2021 09:08:52 GMT
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=vqzd2nhemssajwzhyxjz10qm; path=/; secure; HttpOnly; SameSite=None DTU=362280A919EA41DC7E5AC48481B71BE8; expires=Fri, 29-Sep-2023 19:08:52 GMT; path=/; SameSite=None; secure; HttpOnly; SameSite=None
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Wed, 29 Sep 2021 19:08:51 GMT
content-length
0

Redirect headers

Server
nginx/1.19.7
Date
Wed, 29 Sep 2021 19:08:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Keep-Alive
timeout=20
X-Powered-By
PHP/7.2.34
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials
true
Set-Cookie
trscj=MTYzMjk0MjUzM3xMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRrNU5UY3hNekF3TVRrM09UZzNNekF3TnpFd05qRXlNREV4TnpNeU1ERTRKblE5YUhSc2NBPT18YUhSMGNITTZMeTh4WmpRME9UWTJPVFUzTldOaVpqQXlOakE0TWpBMU5qazBORGxsTjJZd1l5NXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D; expires=Thu, 29-Sep-2022 19:08:53 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure SERVERID177589=2|YVS5y|YVS5y; path=/; HttpOnly
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99571300197987300710612011732018&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID
D8837231:91B2_91EFC182:01BB_6154B9C5_C410451:396D
X-IPLB-Instance
40027
Cache-control
private
/
adv.office-partner.de/ Frame CCE7 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=c42a4e7b79&subid=&uid=11f4959f7e6a8ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuy6hxLlUYZ7_As6c-gbSiY6gB7XN-YNX_Ni5q-UM8C4QASCxk-15YJUCyAEJqQJRsKvVDnyzPqgDAaoE9QFP0EODDW7f6IWh7x136CRib-ZUsd6rHuvdtCIXmYFwTJuFkgT_WiQ4T67CrdpAfct73-VoAn09pl3SPBy1XH6YDw4ley9aIHwJtq6-EbV9SuwRrH2T19-XinfgeflBkps6dMr24Av0mGZoTWCpUeohTKM87FRtVlSS7aUMBg3qiN_zp1i6B_L5SBiZaQEUEu_bzUuG29ypyjWfmSeDHXUPEhKfWYVDwbAP__xPObjlzeG84hzqokSHvydYRNnwQ7noZRWRsEV0BbRTGHNfLDANQl5c2k3dT_ce6z1AeOuY_-R-YVbRwS5237VERVOBDigP6YZ0O8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTI4MDc1OTM3MTgzNjYzNzSACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLn1gsBEqREKQYAi1Votkbw%26sig%3DAOD64_1ApJPY_ArA6lcUdtyNaqpcuFCuoQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-DLzdcSFU5EFqJXHbXG3mXwvlFs1IH1tqUq6WtjTMdqxa68UruVSxtgb8ED1PUFTuzccUMwHbJkKXNTjb1MNrJs20O7DPc2wQ1aMBg-hDYCHd1IazYyQ6X5NJ0JdXWN9vOUo71Z5F3MK6HC5O7kJ43fv3O1DQ%26cry%3D1%26dbm_d%3DAKAmf-BfWDwW_GxHP8-85n-gCy0DVJFXTfERkcUIesHezJ-aEDwjCKTlzL9_e9wJfYlUg_GgrnyjjRGwkrz1fcWdxzzEKgVBqYMipI-4PlUBJlZogpVAqzfAX0ejsoC9-EHwBgDbLjdk-SD1uKkkGYabnQM0ymR8mruW_SyzJAla6thBEM327mmzlyPtXOo_iMQ51SuiCviu6_h93EX5RdOvc1YDsHWJNz6LExcBDTRZGh8q7lQ9eoNMBtfktuHj8rzfg77UjRu5rI-bPm-fWBfyyBhtv-aJIlVFugkYU5O3ayw8rJ3s0pO8zIJJrf3RuUZVZsdp45Kyh9bvZWdIzn1Ctn1kUvk9kkGUeJPUadMR1zICWtZCSVSpYG5NAVrkVrIFf4mxOgVUBdTf4qXLLdw9Fo0GN5BvIapnLBhpBLQzm4QXL7nOBKfg1lTXcrMHY1nhPuXYBqDp%26adurl%3D&documentReferer=https%3A%2F%2Fnewsmaker.md%2F&ancestorOrigins=https%3A%2F%2Fnewsmaker.md%2Chttps%3A%2F%2Fnewsmaker.md&random=4828386229744&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.148.132 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

:method
GET
:authority
adv.office-partner.de
:scheme
https
:path
/?utm_source=webgains&utm_campaign=webgains
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/

Response headers

server
keycdn-engine
date
Wed, 29 Sep 2021 19:08:53 GMT
content-type
text/html
content-length
930
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16ba8ac4"
expires
Wed, 06 Oct 2021 19:08:53 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
accept-ranges
bytes
link.html
track.webgains.com/ Frame C448 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=99571300197987300710612011732018&nw=1
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
6810241b365c34eb86777b55567386031111c016550ce38b3588aed8bdd48c01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:53 GMT
Last-Modified
Wed, 29 Sep 2021 19:08:53 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1231
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=COPsk_3wpPMCFewC0wod_r8Nrg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7959693641859.052
5994599.fls.doubleclick.net/ Frame 5F55
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7959693641859.052?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COPsk_3wpPMCFewC0wod_r8Nrg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7959693641859.052?
391 B
343 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=COPsk_3wpPMCFewC0wod_r8Nrg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7959693641859.052?
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
c2b82656f51c80cf93cb4fe60ca53a6d95c45210f0718ea49c352449974d883c
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=COPsk_3wpPMCFewC0wod_r8Nrg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7959693641859.052?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmkaaKgLi9bpLfAtPrYE0pVSaYPPykBcQlu0QC28CbXiSPy2X9mgtWOJky0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 29 Sep 2021 19:08:53 GMT
expires
Wed, 29 Sep 2021 19:08:53 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
320
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 29 Sep 2021 19:08:53 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=COPsk_3wpPMCFewC0wod_r8Nrg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7959693641859.052?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900018.redintelligence.net/ Frame 3D91 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request_content.php?s=99571300197987300710612011732018&a=6ef51398
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=c42a4e7b79&subid=&uid=11f4959f7e6a8ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuy6hxLlUYZ7_As6c-gbSiY6gB7XN-YNX_Ni5q-UM8C4QASCxk-15YJUCyAEJqQJRsKvVDnyzPqgDAaoE9QFP0EODDW7f6IWh7x136CRib-ZUsd6rHuvdtCIXmYFwTJuFkgT_WiQ4T67CrdpAfct73-VoAn09pl3SPBy1XH6YDw4ley9aIHwJtq6-EbV9SuwRrH2T19-XinfgeflBkps6dMr24Av0mGZoTWCpUeohTKM87FRtVlSS7aUMBg3qiN_zp1i6B_L5SBiZaQEUEu_bzUuG29ypyjWfmSeDHXUPEhKfWYVDwbAP__xPObjlzeG84hzqokSHvydYRNnwQ7noZRWRsEV0BbRTGHNfLDANQl5c2k3dT_ce6z1AeOuY_-R-YVbRwS5237VERVOBDigP6YZ0O8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTI4MDc1OTM3MTgzNjYzNzSACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLn1gsBEqREKQYAi1Votkbw%26sig%3DAOD64_1ApJPY_ArA6lcUdtyNaqpcuFCuoQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-DLzdcSFU5EFqJXHbXG3mXwvlFs1IH1tqUq6WtjTMdqxa68UruVSxtgb8ED1PUFTuzccUMwHbJkKXNTjb1MNrJs20O7DPc2wQ1aMBg-hDYCHd1IazYyQ6X5NJ0JdXWN9vOUo71Z5F3MK6HC5O7kJ43fv3O1DQ%26cry%3D1%26dbm_d%3DAKAmf-BfWDwW_GxHP8-85n-gCy0DVJFXTfERkcUIesHezJ-aEDwjCKTlzL9_e9wJfYlUg_GgrnyjjRGwkrz1fcWdxzzEKgVBqYMipI-4PlUBJlZogpVAqzfAX0ejsoC9-EHwBgDbLjdk-SD1uKkkGYabnQM0ymR8mruW_SyzJAla6thBEM327mmzlyPtXOo_iMQ51SuiCviu6_h93EX5RdOvc1YDsHWJNz6LExcBDTRZGh8q7lQ9eoNMBtfktuHj8rzfg77UjRu5rI-bPm-fWBfyyBhtv-aJIlVFugkYU5O3ayw8rJ3s0pO8zIJJrf3RuUZVZsdp45Kyh9bvZWdIzn1Ctn1kUvk9kkGUeJPUadMR1zICWtZCSVSpYG5NAVrkVrIFf4mxOgVUBdTf4qXLLdw9Fo0GN5BvIapnLBhpBLQzm4QXL7nOBKfg1lTXcrMHY1nhPuXYBqDp%26adurl%3D&documentReferer=https%3A%2F%2Fnewsmaker.md%2F&ancestorOrigins=https%3A%2F%2Fnewsmaker.md%2Chttps%3A%2F%2Fnewsmaker.md&random=4828386229744&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
101d2c5be53752c47e93dbefe92862f2b825b46e61d04b621fcf5475d9a13fa5

Request headers

Host
hal900018.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=11c877c0a15871d9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/

Response headers

Date
Wed, 29 Sep 2021 19:08:53 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Wed, 29 Sep 2021 20:08:53 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2068
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame C448
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=99571300197987300710612011732018
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=99571300197987300710612011732018
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 19:12:25 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Wed, 29 Sep 2021 19:08:53 GMT
Server
nginx/1.17.5
X-IPLB-Request-ID
D8837231:91B2_91EFC182:01BB_6154B9C5_C410454:396D
X-Powered-By
PHP/7.2.21
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
https://ad-server.eu/wm/pb/native.png
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
cshow.php
www.awin1.com/ Frame C448 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2601051&v=18332&q=376776&r=296283&pref1=99571300197987300710612011732018&pv=1
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:53 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1CBD 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 29 Sep 2021 08:58:57 GMT
expires
Thu, 30 Sep 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
36596
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C448 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1d0fef2b40cec6234eda6ce109f7a0a395c7216f0ac3e8ff0ce4150e170465e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 3D91 		1 KB
418 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=99571300197987300710612011732018&a=6ef51398
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 17:11:41 GMT
server
ESF
date
Wed, 29 Sep 2021 19:08:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Sep 2021 19:08:53 GMT
/
hal9000.redintelligence.net/scale/ Frame 3D91 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=99571300197987300710612011732018&a=6ef51398
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
26473b5c2b6556a859e896827e03c03f9996e4077e8302601b43728ce0a8d8ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 19:08:53 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16248
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3D91 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=99571300197987300710612011732018&a=6ef51398
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
b42002573f083f9d45db7a40aa48361ebc4addaebd93cdab0c246dac2fb21664

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 19:08:53 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15249
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3D91 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=99571300197987300710612011732018&a=6ef51398
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1f11d6d739a5b65b70363a8621f8fefc2bcdb59a812737279dc7d8989b7c426a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 19:08:53 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16533
Vary
Accept-Encoding
Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame CCE7 		85 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d7748e63b850e324303450043eb32aa0a110d6367a16b715f8b9770cbcde54a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33997
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Sep 2021 19:08:53 GMT
/
google2waycm.netmng.com/cm/ Frame 1CBD 		0
0
pixel
cm.g.doubleclick.net/ Frame 1CBD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKgXmtq-47mS4mqKHRI9vwU&google_cver=1&google_push=AYg5qPLNDZIMAizJbpciXNnWP40ZNDrzJwEFgXDzec1L2hTIHe-jd3DKCgLI5eqBG7TDybsWgE3CFIQPLkq8iedf...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLNDZIMAizJbpciXNnWP40ZNDrzJwEFgXDzec1L2hTIHe-jd3DKCgLI5eqBG7TDybsWgE3CFIQPLkq8iedfrCTu-Ub9H1ewtw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLNDZIMAizJbpciXNnWP40ZNDrzJwEFgXDzec1L2hTIHe-jd3DKCgLI5eqBG7TDybsWgE3CFIQPLkq8iedfrCTu-Ub9H1ewtw
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 29 Sep 2021 19:08:53 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLNDZIMAizJbpciXNnWP40ZNDrzJwEFgXDzec1L2hTIHe-jd3DKCgLI5eqBG7TDybsWgE3CFIQPLkq8iedfrCTu-Ub9H1ewtw
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 29 Sep 2021 19:08:52 GMT
pixel
cm.g.doubleclick.net/ Frame 1CBD
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECgzbVUXH7nSMGwZN7LUPxo&google_cver=1&google_push=AYg5qPJj2yTzB4ALaWdo1Wny0YShtfTSd1eraCQkTQZdvH2zACkJb_sn6kSXboXV4-ZEaURYIHLfx9icfmlNZn7ArH4wkwCRLiZW
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5F5E7DB5E8964A74B5B105DDFC1B03F9&google_push=AYg5qPJj2yTzB4ALaWdo1Wny0YShtfTSd1eraCQkTQZdvH2zACkJb_sn6kSXboXV4-ZEaURYIHLfx9icfmlNZn7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5F5E7DB5E8964A74B5B105DDFC1B03F9&google_push=AYg5qPJj2yTzB4ALaWdo1Wny0YShtfTSd1eraCQkTQZdvH2zACkJb_sn6kSXboXV4-ZEaURYIHLfx9icfmlNZn7ArH4wkwCRLiZW
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 29 Sep 2021 19:08:53 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5F5E7DB5E8964A74B5B105DDFC1B03F9&google_push=AYg5qPJj2yTzB4ALaWdo1Wny0YShtfTSd1eraCQkTQZdvH2zACkJb_sn6kSXboXV4-ZEaURYIHLfx9icfmlNZn7ArH4wkwCRLiZW
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Sep 2021 19:08:53 GMT
google
match.adsrvr.org/track/cmf/ Frame 1CBD 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJc9QOeXMDn2ahVIGhAr668&google_cver=1&google_push=AYg5qPIM3E8aA4JDhgfmIKpbMlf6-S6dHkWwCXrdNrW2Mp_mq7ygd7BtwwomE8WiKD6-FYLdI7ODv-90ww-Weito_F5ChsJz3lrymA
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
adxRedirect
tracking.m6r.eu/sync/ Frame 1CBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEA81Udr9iC02ZvxSM1dIDhg&google_cver=1&google_push=AYg5qPKtsLNFHAP_aZ8LdrA3JjWkRNHYfKDo_a98fb5q4I0AieherCf9JqJZJpOLe0EoNao9shtrw0tgVARxv_onmxirbFm-jO3p5w
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.251.244.141 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 1CBD
Redirect Chain
  • https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEKOmtPk5mQD64RWRvdbVN3k&google_cver=1&google_push=AYg5qPL_QTDBqQYs2gWTka59nJ2_GdiTITwmwA12QVa_RdaDAWWUpWETxL-sXXO-p2n8F0u9MyhoQgB1wSVYx5o54S8U...
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPL_QTDBqQYs2gWTka59nJ2_GdiTITwmwA12QVa_RdaDAWWUpWETxL-sXXO-p2n8F0u9MyhoQgB1wSVYx5o54S8Us8snQdlZkA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPL_QTDBqQYs2gWTka59nJ2_GdiTITwmwA12QVa_RdaDAWWUpWETxL-sXXO-p2n8F0u9MyhoQgB1wSVYx5o54S8Us8snQdlZkA
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 29 Sep 2021 19:08:53 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPL_QTDBqQYs2gWTka59nJ2_GdiTITwmwA12QVa_RdaDAWWUpWETxL-sXXO-p2n8F0u9MyhoQgB1wSVYx5o54S8Us8snQdlZkA
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
exptsync
ads.yieldmo.com/ Frame 1CBD 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/exptsync?google_gid=CAESEHwbr-glntqYfwnoSfeW1oc&google_cver=1&google_push=AYg5qPKYl1iHzpQBa82UejaGS851FTs1IlHD3gjHXLs0WmuFsmojIOEUtk7l4cjbRpUzzufPTcuWdyO4cIdJsidhuJzR5Lu2gXHH
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.232.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-232-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:53 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1CBD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Js5tudOaxR41xMhO8t46aZZA0zkcC1g8hWyDOcP330XC-rf-bOiHDwxG2SQtiA54euTQff
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dc_pre=COPsk_3wpPMCFewC0wod_r8Nrg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7959693641859.052
adservice.google.com/ddm/fls/z/ Frame 5F55 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COPsk_3wpPMCFewC0wod_r8Nrg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7959693641859.052
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=COPsk_3wpPMCFewC0wod_r8Nrg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7959693641859.052?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame C448 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=99571300197987300710612011732018&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-2.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
last-modified
Mon, 13 Sep 2021 10:14:21 GMT
server
AmazonS3
age
5109
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-edge-origin-shield-skipped
0
content-type
application/javascript
date
Wed, 29 Sep 2021 17:43:45 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
xMoPQHEkZFOgWjWG0q_BZPGegcCbgiMxltHV5WTuKkFtIrCabGU6hQ==
link.html
track.webgains.com/ Frame C448 		85 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=51388800185249700710612011732010&wglinkid=498343
Requested by
Host: 1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
URL: https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:53 GMT
Last-Modified
Wed, 29 Sep 2021 19:08:53 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
85
Expires
Mon, 26 Jul 1997 05:00:00 GMT
viewability
hal900018.redintelligence.net/ Frame 3D91 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/viewability?s=99571300197987300710612011732018&a=1ffb60d7&vb=m
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=99571300197987300710612011732018&a=6ef51398
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/request_content.php?s=99571300197987300710612011732018&a=6ef51398
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 19:08:53 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame D67A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021092706&jk=1031891814195095&bg=!5eal5qLNAAZNQyuQTUM7ACkAdvg8Wr8HSc2LaXBMZhwVq-DCpA9cSwwFWuWH2zi2HQUc_CkbzFcLaAIAAAI7UgAAAEdoAQeZAscZM9Z6BHEjQRRDcCigdi4ZTuw-tOcRsJeUIjZuWaq-wvcLyEEe3IpZ7qRQzlv7kdsbaQLw3v4_OhF1V3KXcTrUPArtnWZpgug9SuVyprjWyeWWHcE-2lbnIraqBUh-9Yj293SunaZKmatRDAFIYeBRXLsUEWCcgJ-5uVQ0pXxaHoNqOjDSb-JKoWYnKoA-Fj8igFQS9mUt_S85h3dGKNgLNQsDym6YpnbhceLEp26SfwN3KhVE-l9V1Iez07eMr3zM3y5Ps2a_L7qAM6hCzdzXo5BhAo607XDOVmXQmZ2PYz52Y6Sq_0iSsA4DwW8W6ySOLlBzl_-pCU5f_qYBtK-V9U6mzhjefTzk9PvdproZS9TxTWjBqNA6A3czybFUtv9N7oTmfikptueZX_AOMLAk30_O2xtlcBfbGa_uNT9OH64En560UrVGa0_HB5LinooB3diDvHrqh5c39jB8BTOkDTNyT9H7ax7mTJiuJYhjMcHNg4Cr82rszdxhJWcjbn-IRhK9v4r9fSj5ZkLu6y6d1f6I0vlp5fT3qbTAheMCu2DW21qJ9wZuDJdwZ6Q3WGHulXoHa3hc2RqwAs4p-FUE_Jxz3JXiuM6iH4CL_OLNAREoA14V7A9__mcIVpp2uPvXM7BXUt2Mlo7uSps2iVghjPGtLjt9z2Dh1xwHb8vFiOGE4-EuafJ9Ttv_hBHGuN1j0O4_hSfTD_xgfczgTaeH3sbWINNkeG5LHQ_mqBqT4ix4HqYv3Sm4q9LstYqzvpCeAo98FSoj-2U-kQYp3NL1StrGkZxBYDmc27D7HR2jXqdNzjR72xx99lK63IBDUyxgK48BvZmfmorff0ZBXW0Ply61QDxYrHU8AAxamRlJIYORhCRF9WKs_TYQ0IU_PBXOLG97nkU93GdD49meSYBDPyjfRB8mfqRrufCuZs_PImKra9lA-Go
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
nr-1210.min.js
js-agent.newrelic.com/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: newsmaker.md
URL: https://newsmaker.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
VW8CCHGKR4ZK6Z03
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
11781
x-amz-id-2
MncX4xvX6G/3ZCVU9xhgX1JCQw12l3nC4XnJi5uFxOrjvkq6VeBL/9/vLuSPh4OyPAeJ00ESZNY=
x-served-by
cache-fra19133-FRA
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1632942534.952179,VS0,VE0
date
Wed, 29 Sep 2021 19:08:53 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
218916
rum
newsmaker.md/cdn-cgi/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://newsmaker.md
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
_ga=GA1.2.29800867.1632942530; _gid=GA1.2.1283154276.1632942530; _gat_UA-20449281-10=1; _hjid=fe044900-1f27-4b87-b0e3-d531e0d3d320; _hjFirstSeen=1; _fbp=fb.1.1632942530409.355181040; __gfp_64b=knzKkXSkdoB8BPPN7ZVURJFqh4NuB56ciCB6eJu48XP.l7|1632942529; __qca=P0-1816802052-1632942530187; _hjAbsoluteSessionInProgress=0; __gads=ID=c7d309bb408ac09f:T=1632942530:S=ALNI_MYbcRTlot5WRewEQ7or2nXdTXwe-A
content-length
58112
:path
/cdn-cgi/rum?
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://newsmaker.md/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Wed, 29 Sep 2021 19:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://newsmaker.md
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
696780b54e014e80-FRA
vary
Origin
rum
newsmaker.md/cdn-cgi/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newsmaker.md/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.9.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://newsmaker.md
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
_ga=GA1.2.29800867.1632942530; _gid=GA1.2.1283154276.1632942530; _gat_UA-20449281-10=1; _hjid=fe044900-1f27-4b87-b0e3-d531e0d3d320; _hjFirstSeen=1; _fbp=fb.1.1632942530409.355181040; __gfp_64b=knzKkXSkdoB8BPPN7ZVURJFqh4NuB56ciCB6eJu48XP.l7|1632942529; __qca=P0-1816802052-1632942530187; _hjAbsoluteSessionInProgress=0; __gads=ID=c7d309bb408ac09f:T=1632942530:S=ALNI_MYbcRTlot5WRewEQ7or2nXdTXwe-A
content-length
53844
:path
/cdn-cgi/rum?
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
newsmaker.md
referer
https://newsmaker.md/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://newsmaker.md/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Wed, 29 Sep 2021 19:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://newsmaker.md
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
696780b55e324e80-FRA
vary
Origin
gen_204
pagead2.googlesyndication.com/pagead/ Frame 53E9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BY9DOxLlUYYfZB7mJ9u8P5auawAwAAAAAOAHgBAI&bg=!5eal5qLNAAZNQyuQTUM7ACkAdvg8Wvylehf-Vwgd4Q19B2nn05m3Q_FU-aK_bWFxYbG_Q3ClR1cFlwIAAALAUgAAADpoAQeZAx7p7FDeCyVfbYRLFqbFCO6yDGR3lRFC9JAMWqXWaXY2EtFqLw2TueXzifgWpA_KGHpb_3XWHCM1mdEXE2OoYiqZQ1g_DOpuxO4NDyPWD-pWlKDduxnJFI0Gn2wy_aRkkw1RrDxGFCkzxFVjg7nXKZ-xA2-qAmTNoe5Qf7c2yX7aKVzuk0egziWyhZqks3X_l7pYOenBhhx3SpU5GFV8Vfl_JIHTLKwwE3n3ROwzmdvoF6YAUZpwYMhAQgyxa7BqDgoTtx1kmrhEijEQDhyclAGKNMX6zL9-ns9jEiMm9oCmU5xtnhpROe-bkz2I0UY6kjWz6xaOdPVKF9w0PTEnrWKcLXl3Dmmz0jR82Qss4uN-TWcQEXg0l-cOhYCzu_kw0BkqFPgr8Abn-TrEpcil5yx5MCqlsTQGJsMKzrzk89MCCN-PYmdOSNJKB6lPXSxSNOG_9QbKBAbibJ8i3SEysjXJYsUImLQVanMzPVm2FG5pU4UUE2i7L3tp3yPVZomeM2KTtgJ8l0488z5wTAId6BJGdafOf3vznBq1KVPADC9U_auNiwgKjZjIW2jhoZ7aP2EmXrXiYoYkvVHNZFosOMTKryeoHPGn3r0eSdvzHRuQTIn47EUdB1VFfP3jpC3iRGaGfDaUeTeeYnHFfLXWtPp6Xi7XNlyMrIsqL5A0ZaYOnnbDCFgq1drK8GwyG0PuhznljJipACOjZR_PVdpOp71DbbApU3Jb1xSMoI_8PGveia8XtOObQc-EatsNfmw78_IS9iSV_0j14BRas40ri-MFcdTZ7CGH6GcgJdQ5nWHYqUyioNKbw3WjAhtq3Z8K9Rf1iV4UHC5F5tHWcQMuPiNDMKJqVJq_2LP1awhErDoM6xvnRUOqQsswhU5uMHiRiAx2p7ZG3TeOKAYYhgn2VuuvC8DsrY6gxkS7IRQJiCBYFFeOjeLB-5awCModb_5IWW6mnyFRobIZ9sIfSMyDYX_TVzVgZIkMR9utr2Eyv5iz0DkkQaPBJRYvJqwpIWEv6UQI9xBJARXbvNuU1TLrtilV-Tc4v20BfnWZ_6DD_3o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F239 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021092703&jk=2828698393187892&bg=!4uGl4aXNAAZNQyuQTUM7ACkAdvg8WuDtiaXXC8IoL1E1QxOLOW_Mf9e3JTLlAaEoIwSoFiZUGb35UAIAAALBUgAAAEJoAQeZAtEHBK2xIKspZmvr-M32sk-5vKHtX-xjaCv1GPfqXV5vxdowdzoWM-bkmD5VhHRh9uWZL0xsaEMIq-dSyNy35aWFzNhnTWW1v1t7U1bx_PfrocU38Pza7tiB6EdbP14rcQYM-0N69dlVAxncQytqctD_vmaqTifkVu7rF2rRDTYRIh6cw2YviNDXgS6lAH81g9bHcXo0XLt9U852U7WGCV7Mo_ETMNVhgY4fGKwfxctVMshWMKNDumN_zoIEwq5IONW2AlFOSS1wdz5zSHyUpvwYTwaL8wSv16XcUvbIcb7qSI1nJyBDsVreANrxYYD8HJzzwRgZRNbC-7T_uRhzRdGC5AI0KeUWw9v58yQKvGz_avTUOhtdcr3Ck49K5aHC9JYiOX7_yl7azE9cKsxSvTfwrEcWVZmpuRTeUt6VhOjENZFR_5xZkJMx12gAN4RC-vWIk-UMwnmkJ3ll73_k3BXyKn4ZZMP7cxV8z3pz8jNjdKIgE6uvuumcv_hgBSb6JhmUyZTy4EbeqI68C6az7YM4Qg8nPjZyWQZSg5qESNVJ0svQjAPC1fey0J122Dkiu42mjBLXVt8SZIxdHk8Oejup3TserUc0PHCrn_ycYdAf7_bYPnjKbdbTcUEUWcyZJpwn5cBVRFQxFrdRSa2xFCfQRw7Qba40YDtRzgFtJKWxZ_AATU6veYzBsRckWOQbTZaBNh-Jp_WbAVgV8D5vveNAAcoRo13kaLmvDURMQr-waqXieo6fP20Fz2RyiCIl6klpzxSNLtLsrr0w4aFE_XZLDacDjzjqbMNvqIEI3YUxw97E02Rk_6jCu9azR6oEBS-NkuhwifA-mGPe4ANIvZpNjre4VyH43UvxmHEDV7I929S1_JuDl2_Ma0bRM6jK5qNNsUjSzeDttsB2SsiLuw0r46kqvRj8cjf_pDeYkYewzshvZ9l2OQwYVjUSx1Bd6CMr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
NRJS-c5fc523193e3deafc0e
bam.eu01.nr-data.net/1/ 		49 B
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/1/NRJS-c5fc523193e3deafc0e?a=58658485&v=1210.e2a3f80&to=MhBSZQoZC0ECV0cKCgtac0QLDApfTHJBDAsRVWBQHx0%3D&rst=5415&ck=1&ref=https://newsmaker.md/&ap=3237&be=178&fe=5356&dc=877&perf=%7B%22timing%22:%7B%22of%22:1632942528572,%22n%22:0,%22f%22:51,%22dn%22:51,%22dne%22:51,%22c%22:51,%22s%22:57,%22ce%22:73,%22rq%22:73,%22rp%22:109,%22rpe%22:117,%22dl%22:113,%22di%22:875,%22ds%22:877,%22de%22:879,%22dc%22:5356,%22l%22:5356,%22le%22:5365%7D,%22navigation%22:%7B%7D%7D&fp=245&fcp=245&at=HldFE0IDGB5BVRFZHhgI&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.248 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 19:08:54 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Transfer-Encoding
chunked
x-envoy-upstream-service-time
3
cross-origin-resource-policy
cross-origin
Connection
keep-alive
x-newrelic-app-data
PxQGQldSCwEIVVVXFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCRoLA1QAUHRMB05WAhtDAlIPAQdRBQABU1JQBVcOB0BKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
access-control-allow-credentials
true
CF-Ray
696780b5b8a54a85-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame 647C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNnCDxLlUYdDoLpPV7_UP-LiUyAkAAAAAOAHgBAI&bg=!dnWldTHNAAZNQyuQTUM7ACkAdvg8Wm59yryBQ66l13LjNUrV0ZIuoa59xFpwdzJ-Cx3dP87AStCNTgIAAAKVUgAAABpoAQeZAxQOiJhyB5f4ionzyPqOHO-L7OatY0Cn8zAfFe4E-hPUOhLL6C2mXwnoAncNlbx9gxtJ17LJeSTvTSfUSJ21cIIti5pDOl59tNofhy5trhnBIA3vEJZkCh-vNcz0K_7KFQpy8_Wos6aMs-IjROCBoLDykSVH5ms3ssUO758ON8bG0zKHAMQVHUNUrEOtl6fb8O2IE_ZtHolxG4p-TM024ZllvYJxAlIUOLI9E21B_4QObphjWhjTWAE6Omw_mgq7r-N5V71GQVYchAIxmXxqiFp0y1IosUYkfyoR8EBAdvc4AV1re5X1MVUubvJB9LNTd2sFXhV-XJE-tArCwx0r79jeLbnfzlny957Zdy6FXsvXoPROoPHPJePYzXjzPDxR8kaMZGqr_vwxokmGFWgvbkF8AzvKkfCWAH0GxH12l_3o6bj9-MQLEdpWkB0kUYPccteqj2in7SEkMQP9JC4V4O7Kvg2Zkyb1WYGaczQgn022YP6CJ7oJS57lI1LCNMW2Atc9zlFtk0jBablbKM3CWLDc-Y9tf6LHmc8rwwvvAfqzVcal_RJplOGY7wF7AHFoDX-WsKUOck3Bmsicp-uzmcqeHCwGXkDxMnHJ2oP7Q2DHIu3vEZOpBL0zQ6qQYbWIDZttDgGGKm473ghcyNH6SIdz1KDe42E57L07DJQPujY8n1G2yMM9GwgvY3QIyUjRgsgYIO_78zJ3wnGaPYz2TqH5v7NaeNCPzAjhN1mtwvgkAzr73QmYcex5lqlbSw5NnBYE5Jec4gDtlwvN2iSxFzYVN7dKpy8N6y12plLazqL6exxE9ymP3QkCTAEifX0w8FszKs3LyPKHhlPI9SvN8oyA60yvg-IDaQigVr-G8e2E4rR_ZshSQO-8xskDfxx11denhxccf3pBHC0CHdzbIORY2wHIFeB381FCexL4hOhPxwfrV0O8e8ztG8GtMJa8ThXoLQn3kSyCDmA6ooEqgpq-_UztYZ8B2_W8-TC8Om_1qUr2-Boo9FANQm-4WmSNHANAAHg312Q90vc4MZkYO4cyLuQbyw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
s0.2mdn.net/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/css/ Frame B55F 		2 KB
500 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f6.1e100.net
Software
sffe /
Resource Hash
cc22450084dabd9a9fc9ec3fb5864e5f47d8fab1ba2ed41365ba71a21c9e1caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9758366/1630426157030/20-IWE-Edition30-HalfPage-300x600-SUV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 11:10:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
476
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 16:09:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 30 Sep 2021 11:10:58 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:54 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1252
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=259200
cf-ray
696780b598994a91-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 02 Oct 2021 19:08:54 GMT
icon
onesignal.com/api/v1/apps/e1ddd2dd-8800-4556-966a-d24527c29730/ 		176 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/e1ddd2dd-8800-4556-966a-d24527c29730/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
759377a317d3e8f6455d4b8594a8c1928b39fea2976dd863961744c77769fb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-powered-by
Phusion Passenger(R)
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
71c3b5b6-4627-4722-9f74-ec1cd584dc2b
x-runtime
0.009317
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"759377a317d3e8f6455d4b8594a8c192"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7200
cf-ray
696780b628a842e1-FRA
access-control-allow-headers
SDK-Version
expires
Wed, 29 Sep 2021 21:08:54 GMT
3e14aba3-e7d7-4b0a-9974-d27514203245.jpg
img.onesignal.com/t/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/t/3e14aba3-e7d7-4b0a-9974-d27514203245.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462b6449eb25be0dd29ce0fdf42a0d375e189dff8ed1e230013964d6808a7fb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:54 GMT
cf-cache-status
HIT
age
3537
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4206
x-amz-id-2
VbJQWgq8cBedRPBfX+JpxQ67IggfZIVNvrFwvwhrYA/g9yLU6pTq0lB29vHkPn4c0iWwIZI+/xM=
last-modified
Thu, 22 Aug 2019 12:34:15 GMT
server
cloudflare
etag
"c0ebac8125631f98fc00eb5f3e93826c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
91DA0KMJ3DZHHFNR
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
696780b7281b4e3e-FRA
expires
Sat, 30 Oct 2021 19:08:54 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 5CCE 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/fx6zaDuebrs?autoplay=0&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fnewsmaker.md&enablejsapi=1&widgetid=1
X-YouTube-Client-Version
1.20210922.1.1
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtXWEozSl9uc0NwUSjC89KKBg%3D%3D
X-YouTube-Ad-Signals
dt=1632942530821&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C765%2C430&vis=1&wgl=true&ca_type=image&bid=ANyPxKriWlzpSBOz0oqI4Ggu8eQUmJfquovmJPBXkhPkDsGBLRIl15NeeUVRB7U7NkxTwWg8GVU739sivKcUXtXGL2qgP5F0jw

Response headers

date
Wed, 29 Sep 2021 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 29 Sep 2021 19:08:54 GMT
data
b181.s79.research.de.com/ Frame 3D04 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b181.s79.research.de.com/data?/+PqyFlbAATkzFARksFAQtjFV2JNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.184.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h359.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:54 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Wed, 29-Sep-21 19:08:53 GMT
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 29 Sep 2021 19:08:54 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame C448 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.21
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Sep 2021 19:08:55 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.21
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
event
ads.adfox.ru/239538/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=986bde6a75bf05d1&pm=bmq&pxo=XFbEb_yTQJXFZczRRxEMPgq4_mZjN2vZu4zhB616DB-SULrn0lsHB6msPLHIYJJL1myrMDk8BSh75UaEaDaUCGeUSJ_tGu5L3aX5DP28YoZgNRwI0vwF385nKIEBaT6D6pyHJt39b0gZ053Nl2astW7eoITsI4qXX3skKDAn4B250d6r&p5=gvoqp&rand=hrjbzip&sj=ZOSXoIjmEMjMtjpMKwZX0UX8XXHpUrkmms7je_3i7SymQh3iFTaEmT5CulP7qg%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=chdfd&rqs=wX1viCBbUG_BuVRh5I2Rpq_lzC4GjPo3&rtb-si=b&p2=fwgw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:54 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/239538/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=e0f9c7697c22ec92&pm=bmq&pxo=CWhhHhsqlhI1CtgC6U_eeiZXZrFYPGtQzgaK8kK1TlSoHE6wSGeUV9BnWgTgR4Bg8zJ3EL7PtyKPJwMa06wGdhJgE5H9rn0YdV9GYdkhtYRl-9C8ad9P5OwoJws36qZ44Lc9zju8Ev8lUgYBdZohd4CRKWW0kk0jMTIHSXXP14p6myk8Bg%3D%3D&p5=fxybz&rand=krveqdb&sj=lTbqm4nyoXWvKcXquQGbUsGdKYC_BW_uGlF2neuQtqwX342z_UiRSkq08MHr4g%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=cczrd&rqs=wfnPPZ--wE7BuVRhk7KhilWEzZAWpF1S&rtb-si=b&p2=y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:54 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
data
b181.s79.research.de.com/ Frame 3D04 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b181.s79.research.de.com/data?/+PqyGv+AAl2yFuvFfhFwpFTkzFARksFAQtjFTsRNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.184.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h359.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:56 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Wed, 29-Sep-21 19:08:55 GMT
data
b181.s79.research.de.com/ Frame 3D04 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b181.s79.research.de.com/data?/+PqyHKOBATkzFARksFAQtjFrwJNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.184.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h359.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:08:57 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Wed, 29-Sep-21 19:08:56 GMT
event
ads.adfox.ru/239538/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=e098fc1f1f7ca100&pm=bmr&pxo=XFbEb_yTQJXFZczRRxEMPgq4_mZjN2vZu4zhB616DB-SULrn0lsHB6msPLHIYJJL1myrMDk8BSh75UaEaDaUCGeUSJ_tGu5L3aX5DP28YoZgNRwI0vwF385nKIEBaT6D6pyHJt39b0gZ053Nl2astW7eoITsI4qXX3skKDAn4B250d6r&p5=gvoqp&rand=lcnnztf&sj=ZOSXoIjmEMjMtjpMKwZX0UX8XXHpUrkmms7je_3i7SymQh3iFTaEmT5CulP7qg%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=chdfd&rqs=wX1viCBbUG_BuVRh5I2Rpq_lzC4GjPo3&rtb-si=b&p2=fwgw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:59 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/239538/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/239538/event?hash=91936a836bee159c&pm=bmr&pxo=CWhhHhsqlhI1CtgC6U_eeiZXZrFYPGtQzgaK8kK1TlSoHE6wSGeUV9BnWgTgR4Bg8zJ3EL7PtyKPJwMa06wGdhJgE5H9rn0YdV9GYdkhtYRl-9C8ad9P5OwoJws36qZ44Lc9zju8Ev8lUgYBdZohd4CRKWW0kk0jMTIHSXXP14p6myk8Bg%3D%3D&p5=fxybz&rand=ipofuvl&sj=lTbqm4nyoXWvKcXquQGbUsGdKYC_BW_uGlF2neuQtqwX342z_UiRSkq08MHr4g%3D%3D&ad-session-id=6446471632942529159&lts=fhljnlx&ytt=190216456636437&ybv=0.44378&ylv=0.44378&dl=https%3A%2F%2Fnewsmaker.md%2F&pr=mrahwfl&p1=cczrd&rqs=wfnPPZ--wE7BuVRhk7KhilWEzZAWpF1S&rtb-si=b&p2=y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsmaker.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 19:08:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:08:59 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
data
b181.s79.research.de.com/ Frame 3D04 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b181.s79.research.de.com/data?/+PqyIezBATkzFARksFAQtjF/4JNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.184.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h359.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 19:09:00 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Wed, 29-Sep-21 19:08:59 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEAv0J8V29y9tMfG53lVOwJo&google_cver=1&google_push=AYg5qPJqpBVfUjKlRrp7OfBV_YX-xOpuPUQntyfDTmrQz-m5m0Lp0AgffBBTHR2MzgkemY3RtRRMWM4HHwMUCa8V_05bf2Mo8-Ua2Q

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster object| CloudflareApps object| paceOptions object| Pace object| NREUM object| newrelic function| __nr_require function| loadCSS function| Deferred object| fbLoaded function| fbAsyncInit string| gtm4wp_datalayer_name object| dataLayer undefined| $ function| jQuery object| objectL10n object| helper function| YOPPollBasicScrollToMessage function| YOPPollSendBasicVoteWithReCaptchaV2Invisible object| YOPPollReCaptchaElements function| YOPPollOnLoadRecaptcha object| yaContextCb object| dataLayer_content function| documentInitOneSignal function| OneSignal object| FB object| mc4wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _qevents function| hj object| _hjSettings function| fbq function| _fbq object| pcodeJsonp44378MDV40zLESm object| Ya number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| __pcodeAllActiveTestIds object| ya string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| plyr object| onYouTubeReadyCallbacks function| onYouTubeIframeAPIReady function| jarallax object| themeajax object| ptajax function| pt_open_login_dialog function| pt_close_login_dialog object| addComment object| wp function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox object| __cfBeacon function| findCMP function| stpdPassback object| googletag object| stpd function| stpdChunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO string| nobidVersion object| nobid function| YOPPollBasicIsFacebookBrowser function| YOPPollBasicGetPollCookieData function| YOPPollBasicGetCookieData function| YOPPollBasicSetCookieData function| YOPPollBasicIsResultsShowPercentages function| YOPPollBasicIsResultsShowVotes function| YOPPollBasicGetClassForColumns function| YopPollBasicShowResultsForTextQuestion function| YopPollBasicLoadBuiltInCaptcha function| YOPPollBasicLoadReCaptchaV2Invisible function| YOPPollReCaptchaFilled function| YOPPollSendBasicVote function| YOPPollBasicUpdateToken object| gaplugins object| gaGlobal object| gaData object| $sf object| yaSafeFrameAsyncCallbacks boolean| yandex_context_perf_logging function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| regeneratorRuntime object| JSON3

37 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: clNuxb4dVGCPlNHwzFUM2+2fKnUmZQDAk1PBRVaq1cmNG9lMChZD5/CZNP75yzkr5Gn5iXqKxIVhO2Lz3+eYbPNLLjg=
.youtube.com/ Name: YSC
Value: Oe4xgRGBfQk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: WXJ3J_nsCpQ
.newsmaker.md/ Name: _ga
Value: GA1.2.29800867.1632942530
.newsmaker.md/ Name: _gid
Value: GA1.2.1283154276.1632942530
.newsmaker.md/ Name: _gat_UA-20449281-10
Value: 1
.yandex.ru/ Name: yandexuid
Value: 5674745121632942529
.quantserve.com/ Name: mc
Value: 6154b9c2-33c43-b0ee6-44d2d
.newsmaker.md/ Name: _hjid
Value: fe044900-1f27-4b87-b0e3-d531e0d3d320
.newsmaker.md/ Name: _hjFirstSeen
Value: 1
.newsmaker.md/ Name: _fbp
Value: fb.1.1632942530409.355181040
.newsmaker.md/ Name: __gfp_64b
Value: knzKkXSkdoB8BPPN7ZVURJFqh4NuB56ciCB6eJu48XP.l7|1632942529
.newsmaker.md/ Name: __qca
Value: P0-1816802052-1632942530187
.hit.gemius.pl/ Name: Gtest
Value: KlQhgMXGQMGG188G1S15mfoissGMXP8c25nSG4rGf7KIM5aSrKuRiGh5XMbG
.newsmaker.md/ Name: _hjAbsoluteSessionInProgress
Value: 0
.hit.gemius.pl/ Name: Gdyn
Value: KlGdmRXGQMGG188G1S15mfoissGMXP8c25nSG4rGf7KIM5aSrKuRiGh5XGySssX6nsGfGKZfHQ2xx1GgxcxSD8CBI8l8MG..
.doubleclick.net/ Name: IDE
Value: AHWqTUmkaaKgLi9bpLfAtPrYE0pVSaYPPykBcQlu0QC28CbXiSPy2X9mgtWOJky0
.newsmaker.md/ Name: __gads
Value: ID=c7d309bb408ac09f:T=1632942530:S=ALNI_MYbcRTlot5WRewEQ7or2nXdTXwe-A
.adnxs.com/ Name: uuid2
Value: 3399611613822446616
.casalemedia.com/ Name: CMID
Value: YVS5xF7nM92GLCftFzEfYQAA
.casalemedia.com/ Name: CMPS
Value: 5216
.casalemedia.com/ Name: CMPRO
Value: 1133
.casalemedia.com/ Name: CMST
Value: YVS5xGFUucQA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HbyM0JXS!@wnfH8K6pQK`!5=E<*L5>xi_Y00IBkx2t_ie)sj6'9Dfk?GEj>zOJ]=6qCL%nugO%v4VB%nm7=)vpY0
.casalemedia.com/ Name: CMRUM3
Value: 2d6154b9c42760CAESEEnclswFJDhDHYPAUvUk6J0
.openx.net/ Name: i
Value: 28f08205-9e6c-4099-8448-47c242a27418|1632942532
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 11c877c0a15871d9
.medialead.de/ Name: trscj
Value: MTYzMjk0MjUzM3xMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRrNU5UY3hNekF3TVRrM09UZzNNekF3TnpFd05qRXlNREV4TnpNeU1ERTRKblE5YUhSc2NBPT18YUhSMGNITTZMeTh4WmpRME9UWTJPVFUzTldOaVpqQXlOakE0TWpBMU5qazBORGxsTjJZd1l5NXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D
.awin1.com/ Name: awpv18332
Value: 296283|1632942533|aff43aa0-2158-11ec-8a78-692d0556460e
.awin1.com/ Name: AWSESS
Value: 376776:2601051
.sniperlog.ru/ Name: guid
Value: 5420F893E93529F8
.mathtag.com/ Name: uuid
Value: f7306154-b9c5-4a00-9a10-57a74c04542d
.mathtag.com/ Name: mt_mop
Value: 4:1632942533
.simpli.fi/ Name: suid
Value: 5F5E7DB5E8964A74B5B105DDFC1B03F9
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1632942533812,"clickCookie":false}}
pb.media01.eu/ Name: ASP.NET_SessionId
Value: vqzd2nhemssajwzhyxjz10qm
pb.media01.eu/ Name: DTU
Value: 362280A919EA41DC7E5AC48481B71BE8

1 Console Messages

Source Level URL
Text
network error URL: https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEA81Udr9iC02ZvxSM1dIDhg&google_cver=1&google_push=AYg5qPKtsLNFHAP_aZ8LdrA3JjWkRNHYfKDo_a98fb5q4I0AieherCf9JqJZJpOLe0EoNao9shtrw0tgVARxv_onmxirbFm-jO3p5w
Message:
Failed to load resource: the server responded with a status of 503 (Service Temporarily Unavailable)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f449669575cbf0260820569449e7f0c.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
ad-server.eu
ads.adfox.ru
ads.yieldmo.com
adservice.google.com
adservice.google.de
adv.office-partner.de
an.yandex.ru
analytics.webgains.io
api.webgains.io
b181.s79.research.de.com
bam.eu01.nr-data.net
banners.adfox.ru
cdn.onesignal.com
cdn.plyr.io
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
dsail-tech.com
dsum-sec.casalemedia.com
fa6eccb5b027c02cfccb2c579af9a882.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gamd.hit.gemius.pl
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900018.redintelligence.net
i.ytimg.com
ib.adnxs.com
img.onesignal.com
js-agent.newrelic.com
ls.hit.gemius.pl
match.adsrvr.org
medialead.de
newsmaker.md
onesignal.com
pagead2.googlesyndication.com
pb.media01.eu
pixel.quantserve.com
pv.medialead.de
rtr.md
rules.quantcount.com
s0.2mdn.net
s79.mxcdn.net
s79.research.de.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
stat.meetrics.net
static.cloudflareinsights.com
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
sync.mathtag.com
sync.teads.tv
sync3.sniperlog.ru
tpc.googlesyndication.com
track.webgains.com
tracking.m6r.eu
um.simpli.fi
us-u.openx.net
vars.hotjar.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
yandex.ru
yastatic.net
yt3.ggpht.com
google2waycm.netmng.com
104.111.239.217
104.16.95.65
104.18.225.52
104.18.226.52
104.21.7.243
104.21.9.187
104.22.9.68
104.90.104.248
128.140.224.227
13.224.193.12
13.224.193.121
13.225.87.6
13.248.242.197
13.32.29.81
136.243.15.236
138.201.84.252
142.250.181.234
142.250.181.238
142.250.185.102
142.250.185.130
142.250.185.134
142.250.185.164
142.250.185.194
142.250.185.206
142.250.185.214
142.250.185.225
142.250.185.66
142.250.185.67
142.250.186.161
142.250.186.97
142.250.74.194
142.250.74.200
143.204.209.2
144.76.184.162
144.76.91.199
145.239.193.130
146.59.30.104
151.101.2.137
169.50.137.190
172.217.16.130
173.194.76.155
178.154.131.216
185.172.148.132
185.221.87.248
185.29.132.241
185.60.216.19
185.60.216.35
2.16.107.27
2.21.141.232
2.21.141.58
216.58.212.162
216.58.212.166
31.172.81.160
34.98.64.218
37.252.172.250
46.236.13.147
54.75.239.54
54.76.176.197
54.77.232.22
72.251.244.141
77.88.21.179
77.88.55.80
78.47.15.207
86.105.81.36
88.198.250.30
91.228.74.133
93.158.134.158
93.158.134.90
94.23.99.218
00f26bc0ea8f34823161258246b548f4c435d41b4d101d57d746488c7bf2da1a
01d58569491e7c9ca5ca407a23cf9859dab636464929424986d8797a2d8d83db
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03e45084e11351caad4c84a12f7b9a4cf9401490e4f9290723278419c98b16ae
045fd4ce57343257588e028026d314db88e7cc03aa84ec98ead1197bafe8c598
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
0715c294a5665f00ddfd9e7b7e2627446466b2000f1f7cd8f931b08ac40617d1
07f3f71211a0345876afb97d4f588e7cf98383c3a90498ab06b89059e53fcbbc
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08d46216e74711f7a46b445bf8028b7cec8a68dd67d2696478f2a6deb7248704
0a7bbb5185cb37a5e060cd25bccb9451523d9cad0c7b0a6d17b21bcaf9077185
0a9e258a866533b1cff265461ce454ddb9b97c065350de57cc952ee03857ea1d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c571263af4f3735f098e217c51b3c79e68ff498c060ba9861fa78343232223d
0c96c25b62d1df94b967e6e52075803435224a1b39db4ba790c1b5390c4d6a73
0e443cbed74683ae4ae15fd3dd0a4410e4edf1649d9a8c4882cb907734f8c36a
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f4aee7cc32effbb1f40c6ce817038c6c417f991f99876754191df46a4810336
101d2c5be53752c47e93dbefe92862f2b825b46e61d04b621fcf5475d9a13fa5
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
120eb97de67ef5e7c1ef01d2cd6534333499d9f3ede052a4cf670e6bd5dada65
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
133bd0162f7161c9cf8847b3906ef4d0edce4c4f002e51f1eb07d813a2da5cd2
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14546fad6170fa3ccafacc9ccb48f7193aba7def29d2b17838012be3c13d7ac8
18de01f5df9179b52a4f42b2e015ea032510842751070562925d26d161e94519
1a23a8d6428c356d969d71fa29eeb74719717d851606439d3b81ace11c1b79c0
1f11d6d739a5b65b70363a8621f8fefc2bcdb59a812737279dc7d8989b7c426a
1f5e435864607e2f637e31d59d8234fff394f6e22e7d5874f1df358a7cc7e580
2006167aa7e1785b4db6adfdc56368527e649e9539f3b0f48f12d953205ff3f2
22b1837038196904244cb7048a0645bc9a4a01bccd9c8f70b483f5273e18b81d
22e730c5e58a487c838bda5b1a08e1b2a0d537371c08d4a01c56593ed8160ee6
23c8692b22029609a476063d35705db79399ddfc9d549a78caf4936f731275cf
23d348a7ee7a86be5fa3c845ed8fd5ac8cd8e157da59c8a475d21e44701beace
25a54ff1cb79229cc4d3eea2fee74b29d539a0432795a1057d98f7b04f1606c3
25ba02d403597038e3e51f0407977b0ff37e605fc54c5107f3a49d98cd9c6220
26473b5c2b6556a859e896827e03c03f9996e4077e8302601b43728ce0a8d8ed
273b650c0f7ae7805c04c781612f5b67135e515d637988c9eba1c7a06cadc480
28bdb22e0cf1fe535972a7a701ff9e92d429f29cee11f2fa297303fbd899d837
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9
2d48e20099d2c405168b8004e5e898d7f00abfff3b0e75bfeffc40b7e8965754
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
2e5f66338ea823c390685123825fb65f855c4df9ad21a79ffca3a94391db3de7
2e88483d67bb552c6a1e0e761784ef7b325e89d72af8c48acff0e8836ab3e93c
2f9365a073ca5da61ce70d32e20634a36b3b084f2e77c347ff4262833c14ae01
2ffd825457e4ac18fd3e44f63867377f4079c4e76fc2db8e8c6c21bc0508c3a5
3269ee5bb4fdfdebe785668da684cf694fac9189f3624a30c62a582c4070273a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32de73ff3914de16f897ea692b5d2f6339029eab158b0d54bbd9520ce95141bc
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
367e90ba0364aed9878db2a492f38c9d0d20f4a446f4e4848abf38b099ffa950
370f77f3c88cb0270a3040171221f5aedbdffb7f0c8fcbd0e42c899a8be1046d
37547bdbc872f318cf164026aebaf337ad2e419a17e8d13f0e186ab887b0d856
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
385374c498aaa15b5f4829c12f01b3c578c0ea0e6a0b4e87b6f45377244c3f66
38daae304661fccac455e225f2631b9fb8f27cbbabae43694b0bcd303a747a0a
38e8ddccaeb099f2ea2d2b33a74859be758f8ee85069e8b2c2b4261cea0a1c17
3930ccca849a4701b1ef1f50234cc1c45f87386293696a447fa6050e596f0ea5
3a1a1b87604308c60580d014db4f9d8983e637e53df2ed0098152cb67ffa1780
3a886a792c3d5d478a94eba9d236b961bf9bd80bfda0f12003474fedb36da999
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb
3edac2567257ca98f0c25dc183e0ce0d7bd76a160fa287bd398ca41aff203cef
3ef745ebabd95d4bff53f7d91d55c27f539f3639636d0d34cb308c260f83ab6b
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4035b38e02420ab896d01559915f0fceeb0e42e07cdf4ae96e8684c3ee0b35e1
410b77cfed895ed4121c51db552980b028e957881909f803f67192c4ad59b315
436d419f765ec356a4a256605e1baa5ce59137cfae9728ac54ee0d60baacfb24
43a97513479f1eab56cb356017ffc35af29892f8b2db80925003141c6a50a844
43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf
462b6449eb25be0dd29ce0fdf42a0d375e189dff8ed1e230013964d6808a7fb1
484ee56b24b6c3b9c4a47d911b24cabca3411995941c90759e973ed3cf1c2333
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4d2f35d749b170352dc0eeb830485b14cfce0fe4e29bf2c1ca17d058a89aa68c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
4f9c4efb1f6051ce820c63909ad3c3756b879661b0cdda0ff13a901f489acd69
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fc0960c5de6d851cc410d201d47deb215919254c72342b3dbc667a26f7a868b
5003991a5acb0f61efe7e7f67ff29ba81bd7a8e589c9a35e43c888f770dee299
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51cb909b98efa0eadc7028440e93823cf37ce09f2bed4f0d5853910adb8f7564
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
545d060d7bc0fb88e84625728ca9fc74b70f19c08bd1b8479568875c6815568d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
567bd1ed0968ba88ca5ad619cf3ab95e119bd451077023f57c2410392c70a8a7
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
5a3535bf9c68a69732cec8f625abb8a79db09a0466d0793f491a9193710aff92
5a75c6f1265246ba14c0d683d7c45cfbc98c75d9a48b48dfa06a904c68cf9950
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cf2d602e6a7b16bf2a0b1866e945e014d8d08ecb9603a36943b8da90499a96e
5ff3a810a8af46e7418a845a07c79ce8af24c75f89f158d8d908a20b9b0afe75
607ab6ba3ebaa30de9dd6c4939ce5a267633e7bb1fcf1b48c5386f4bccb451a8
61e9b3c9b2a78e28f87a5ee4928bebbf8f278661c548bc566fc0c660f5c62561
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6810241b365c34eb86777b55567386031111c016550ce38b3588aed8bdd48c01
6aa387ac924286fc5728aba699f690ef3d1934382210a4cfd23f33e9904a31bc
6ad9cc391dc94fe8f5267a60a339485152256f028182e30312e9823990c99a20
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9411a9044e0378b9538572430ddb79bd16138c2830c11397518a552f364c9a
6bbb8b78e3892d99ecab019950a14c5dd6c4fadbf20998e2cd39d27246010614
6ec09a1d86f3ccbf093f92ba1e4c5086c993006ab923e994a5130be31c844b51
6eeebb74978a3b08315b9759fe15a088f039de1340d497602d1d0290ce169b0f
70579c4feeee13f949ae2693e6875d6fc48292cab8dd127f1aed90573d02ba63
70696faf192b7eb953f66c01f7722184064cc80a25c027da0630e1b95be6c794
72acb87df5359ea679dce85c62eacb5b8d921a313dcc6d07ac1b27a3850eeac9
72d9795f1b20e37c65bcfa1e18dccf2ca46717e97900197d5488da12bdf2cc1d
730ed50ea18f25ef9d9f37fec78657845f7d8141d2d091162f1558871696725c
73391a541351062884321aa2cb7cb5fd9389be9122ca17d8ef9023458531e635
759377a317d3e8f6455d4b8594a8c1928b39fea2976dd863961744c77769fb09
75b463c983970035ff2503072818880be2abbc99e0ee272988bc286f1d2b7a15
77605ce37726862fd599ea12f11268092cb76e519655cd1ad96fbfb77a442aff
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e
79e7f37ed146c8f2ab1acbc97fdafbc0b59b8f818ee4aabc0d564613007d990d
7a2ab7b34d1c360e38681b19b6822f32c88271d7607698ca7a658ea015aa6bb2
7b6ca722b11ece7b4d120738db3c14b8880487b0646a71812abaa66755033d12
7cc64ec2f55ae9d24be2ca2bd4f933dcf99c9be0ae35871489cf235d5cee6af0
7d4130e148ccfabe70fa0627fbc1f1c5fa61886ab250178e08eac3a3a2f50274
7ef0a4f12ba46c0782cb529d507bf4080592de794057b42d4ddf588edb24dc16
7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71
7fdc9fdbacc99629aab62ca371f8267d62329511888ebcbfb10d0e3f61c68e46
7ffaa742495644d25430df1b410148681ac16cc81e185ca816c16fd0b1a5ab86
8003486abe9044154c794ff0c8a340f2f33c2a5f78ca07d456f1be135a4429e9
81e6e7e707a1c7384b623b2bc5120e04e0cf1bf002db7fc39dc86e02e7346e3d
83d9c789544a4a7ce29fd3eba0f3356de13bfeed42f69f6d22a8389f461e3db6
87cfef27c8193e811b5f9f7c2c60973a548c5fc6fb5b11cb0c710cfb59845c36
87d5e2d9e113d507eee4659247cf5874e8363898e7c94d1b274343e416d7e525
8802dc514a1b11afa8b0622888b2b6df46322835e474c0da0b1d545a6462957f
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
8943b798efddc7a5ee242732dd0cb2f7f4d5c59417a97b3da42eae595bddf270
8a335e9660ee4733252885c06a4877893344969128f70eb9a798f3aaf89ba04d
8a9fea5e4a7f671e75b15e1eba0b76043f7d59402f96119959f115d4db6e35e2
8aa68371f310d31bd036986bb97b2ca278339eeb86972c0c191f36f434eafd99
8ac79395ad2c8c0efaf5a734544089eab4a8dce163f3b97f86d08921df5faafb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8e3e94e24bc377861a8fe908b0266226d32936cc4453cb6ec91cef695bab91e1
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
915a3c8a4d5846f464502b92d74e2b7b58def2b0cd56b7f28c7a28a96bece2f5
92bc0b74f180e7b1bc14c649d12fd52a06bd90970506874fb38222c803ecdf9e
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94ada3ea372a16129ed94f52fd7b276c55161b725a9b8c49cc3f689fe85e05f5
957a44bc43a0bc149cf0b3d39d33b8f0fa1d48a256a21a6447badd1af2be661c
95f3fb6ce7487d2329cd57c2c5f47f0a5a0e8408c11538b42ec5a713d2b77bd0
97f9ad0bb256dca87692c7774df9bdd695714db70cc6de3c6c123ff29d52f938
98246f79b1495fa4d547fc6bdff6a3de6cf8064d5cb9e5d877adee9171a7f99d
9877e27090bf534cb7495116e8a873c50b673a9c9f2af5d8af324bc6c50ff8bd
9902b02a693bfc75334ea145136acb28d4c925ba9e6ae8d5a2ff8bd7b1c8f99c
9a68fb9f68f928386ec28682e9653e28c1a30451bd69748f5cbc7c66c7e5523a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f
9de6bc5ecf8ba71e402cd102d033dab7b7fccb7aa0514e159d6cd865e94df98f
9e5cf32f949f9982b17aacfac50b9bd1f6f912da184f39afff08ce2f0aa50b3c
9e60f044d1f846acde2af5d68d2bde4cd30bd70c258555d52fd56e182c9fc27a
9ed8dd1247ffbe1e97aa669ba92a11f79d04e9027e7aefcd48e2ec980b7a5362
9ef22b86fa9168ef8f4899809dd89508bb9f3023a0f50b3a66c3fcde6800bf32
9f85893c90a71e6664b66b929f50fe2857b5f46bc98c4f3f26947c4a5d67782b
9fe1cb2a8f77e238c7eb49360b28255d6064d41275ffdf948d06f31965427b22
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0d4d9f07df29e7b753e858a6aa183a7be8a47a39fd917cf0adb1b182ce65adf
a11d5c3d55e803f4385a4a4f4c948878d1c2afa8f697103a7fa07c9be34d71d4
a445be541815561430b812d9d8d9f55bf92b0d86e9441f947dd939be87caf33d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6f59fc654b5a739d372c1f6954a666d6518236ac67134523277a5548ec40ad0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a772756bf07f22e8c80273bf89b15cbe8337be29b7a9bf5e5fe02c33033e5b1f
ab37f6ab6141256473d08a50f00c490345b6f9532e54de6c6f4ae0c0026df232
ac2c2cf55b456cdc541aeddfc06f3c6e532b16a2bce03e744c2a39355de2a93f
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
b08283477b2fc096fac0a30f63c4d9df8f825009bd06a0088ede37566e32bb8a
b104c2739905b36f01c9edfc126f75200dc92eaa8b4e482da4b95edea9ee94d0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d0fef2b40cec6234eda6ce109f7a0a395c7216f0ac3e8ff0ce4150e170465e
b364434612afdae293afa0b297fee8c6f414d51580918e3380fcdf26ed652149
b3d565ec1d225a25ab433242907f027678b329a4cf27cf6ead76b2230dd6c64d
b42002573f083f9d45db7a40aa48361ebc4addaebd93cdab0c246dac2fb21664
b59782378e9672b3938e95d8dbcd37279b28c4963aec93667717bfac0b39c6f9
b5d878a8fc2edf1844ac643fbb326f42605fe6dc6d720c7191fd9148cb7b8576
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b6bdfd1ef8948427a14ddcb3b927f8003c46681702c8701d94f9eba3b433c9c6
b72374d26b33f90de8cf128ca20e21d07e39b0576937dbcc7accf2f8a9ad8eee
b761b30cfb2931391b30c212c699193f7245cf56a56adadea60519b46a73acea
b8d802a143b8feb1cd9dec9c894969bc91e1c357d517a850736294d87c9e4070
b9001a4bcf505fe51907d632a4f659b4522598f89531a4530cbeb5a23c8760de
b9e3be79ed62a56ebf92f6522793065d022ce2296066888108b7d0b821c9932c
baedf35b211afa81948c93a9258dcf732723bd28decf1fb1e4737bbd2e788bd9
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb5f65e056052c1ad07ebbafddb8a71f444366b3e2b1746d235bc60f536fe261
bbbe8aa3c209729aa9ea758a124fdb1b3ee9399e94c0a8cace73a531385ab636
bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c1d8e9247c2818275915fbdec4d02fd2a7682accfb67058d70d947ae042d034f
c2b82656f51c80cf93cb4fe60ca53a6d95c45210f0718ea49c352449974d883c
c3af629f3959f4515753a25278c1e415192c979d7fb4f4797063347ef8a5b1f3
c5aed98e359c0384ebb204f67c572e7d5cb1c254548b8931a2b7c71d5a8ae980
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c84ea903b1833a97bb0e508404cded491e4f2c2b7042d193137cc25fcbce4297
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c889ed24af8087227a1f223af262c0369678c8be251be13b2eec0fcf65504056
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9edb924c9cfcf6b108f393481e54ad29debe9a17d7e631b4d75791d7fb10041
cc22450084dabd9a9fc9ec3fb5864e5f47d8fab1ba2ed41365ba71a21c9e1caa
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf6f40a49440fa0927abc940e074b0d82d937db507b67a17bbbca9357515174
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8
ce25e2faf858a705d9b941d0e865cf5f11c1f33a90be48d388a60b6662b61eb7
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d36e71c3e5e72a35544668d03dca46f534d3cae5768e48d5a6be33dbcbc6685f
d3b005fe8dbea798d126a6bae46550e82f9ea942322f265459ffbe118af318f7
d55983af35433c198afe7a72f1dde73420e62582ffbdafc0d48cd5b1d57ad264
d71e126d67b94a253f443971cc3fa2559aee69d582b6bd613d4c2cc72ddfa2a7
d7748e63b850e324303450043eb32aa0a110d6367a16b715f8b9770cbcde54a5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d92f3cd5f8a197458b78005ac19d846c99dfbd62b749e191d247ca8b7ca2e817
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc40519e22545b5835214128bd107a8304e66096bf086b37e326a3659bf3711e
dcbe862273a5d7cb61ffaa1eda7e0a1ecb466ca5e08a592fae3e6d1824960293
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e10b69677748f824b68b6b430bef9030fcf17f8d7a5b3799cf56dac057cdc8fe
e23cc23c857b5ffc55972e393b66ff023a96fea684f9c64a917c250761eb9af7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
e67b3dce18db5684be0405d8736fcdcaa2d0b062b854aeaedf0233c86fe8dee8
e7482c36aecad8343bec30814ce2b9c26d1c5b484d869741690bf60194acee36
eac31b61afaafb26c0f6c7b7a8f1e68f6dd2c00997312521e2225725bf598f70
ecf691d5101bf5c7ed6f8238444394838342646e8f1eac32a0fc803656249d81
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4ec5b374f8f0ef4bd2a2a4e30281a0f818f4dab094a10404af0b1008abd415
f0204e97f503b45598e9ab10968a150527d27452b963ef9d8025f7d812d4d538
f1882c762bf492837eea6aa2758ab13645e3a29e02bfa1b0aa40ae38f9815d80
f2d4c2e53dc21902784cd7310754876625ef18091d4b496941a6d75bd63dba97
f454fde17fa6bf2c65d4cf5f445bf90ff15a7c3c65c21483d1901c53071d59e8
f62da9fa67a86fc30d576a01706e20a58fbe41ff7b9ac45671746fb2ac766d39
f80154100a3cc63dec477ce3880ce4afa278b489841558cddb151d76fa1c0e06
f8301c5a0218c588e832b71c13136a914d2666332b54dcf4fdb5a1e5020f58d4
fa401c580d2494a0ac8632c810414e579d4b9ed6a211d6e5768b496c8f7d061d
fbdc391b751eceeda6ebd31846e2d647cbcef0b1111524c2b1d07d4d5ff5cbe5
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffe827c9fdf833202761ebf4c9ab6c94f9074d4ef18a678017e3059ae1491ea6